The fearsome raccoon returns: Raccoon Stealer has been updated, with new features added to its arsenal

Carding

Now attackers will be able to steal other people's data with increased convenience and anonymity.

The developers of Raccoon Stealer, an information-stealing program popular among hackers, have returned to hacker forums after a 6-month break to present a new version of the malware, 2.3.0, to cybercriminals.

Raccoon is one of the most well-known and widely used information-stealing malware families and has existed since 2019. It is available to anyone under the malware-as-a-service (MaaS) model for $200 per month.

The infostealer steals data from more than 60 apps, including credentials, bank card information, browser history, cookies, and crypto wallet accounts.

In October 2022, the main author of the Raccoon infostealer was arrested, and the FBI managed to eliminate the service's infrastructure. However, it was soon restored and the malicious platform continued its work.

In a new post on a hacker forum, discovered by members of the VX-Underground community, the malware authors informed the entire cybercrime community that they have returned after a long period of work on new features.

Official post of a Raccoon representative on the hacker forum

According to the author of the post, the new functionality was implemented in response to numerous requests and customer feedback, as well as the latest trends in cybercrime, so that Raccoon remains at the top of the market for information-stealing malware.

A comprehensive report from Cyberint experts says that Raccoon 2.3.0 introduced several usability and security improvements that make the malware easier for less experienced attackers to use and make tracking by researchers and law enforcement agencies less likely.

Specific innovations include the following:
  • A quick search in the control panel allows malware operators to easily find and retrieve specific credentials, documents, or other information from a shared database of stolen data.
  • A system for countering suspicious activity, such as repeated access from the same IP address or range, detects unusual behavior and automatically deletes the records associated with it, updating the information in each client dashboard. This complicates the work of security tools that use automation and bots to detect malware.
  • The new reporting system detects and blocks IP addresses used by crawlers and bots that cybersecurity companies use to monitor Raccoon traffic.

Information stealers pose a huge threat to both ordinary users and entire businesses: their widespread distribution in the cybercriminal community ensures that useful data is passed along through a variety of channels, reaching a large and diverse audience.

To protect yourself from Raccoon Stealer and similar threats, you should use password managers instead of storing your credentials in the browser. In addition, two-factor authentication (2FA) must be enabled on all accounts to prevent hackers from accessing your profile, even if they steal your credentials.

However, there is still a threat of session cookie interception, which allows an attacker to bypass 2FA. For this reason, you should avoid downloading executable files from questionable websites, even if you are redirected there from legitimate sources. A reliable antivirus solution will also help protect your data.
 