Russian Hackers Compromised 100,000+ Computers Using Raccoon Malware Via Fallout & RIG Exploit Kits
Researchers uncovered an information-stealing malware called Raccoon that delivered by the Fallout and RIG Exploit Kits to steal sensitive data from compromised victims’ devices.
Raccoon malware reportedly hacked more than 100,000 computers around the world since April 2019, and the malware believed to be delivered from a team of Russian hackers.
Malware doesn’t use any stealthy infection technique, and it steals the various sensor data such as important data, including credit card information, cryptocurrency wallets, browser data, and email credentials
Malware authors selling the Raccoon malware as a malware-as-a-service model in underground forums, and become one of the top 10 most-referenced malware on the market in 2019.
Also, the actors providing support for the buyer and handling the malware is a quick-and-easy way to make money stealing sensitive data without a huge personal investment.
The raccoon is written in C++ and is developed to compromise both 32 and 64-bit operating systems, and it is mainly used the exploit kits to deliver into victims’ machines.
Researchers from cybereason found a strong indication of this malware that infected hundreds of thousands of endpoints globally across organizations and individuals in North America, Europe, and Asia.
Some indication refers that the malware attribute to the well-known member, glad0ff. Alexuiop1337 – authors of predator stealer and the further analyse found Raccoon stealers database in February of 2019 that was created by glad0ff, and the person or team activity advertising this malware in an underground forum.
In an underground forum where this malware being advertised, many individuals write reviews for Raccoon, and the malware authors also have written a detailed write up about the Raccoon in a blog post.
Raccoon Malware Infection Process
Threat actors choose defect medium including exploit kits, phishing attacks, and bundled malware to deliver the Raccoon malware.
Exploit kits are developed to trigger the vulnerabilities in the target system while the victims browsing online and visiting malicious sites from where the exploit code will be delivered into the victim’s devices without any sort of user interaction.
The attacker initially leverages the Fallout exploit kit that helps to spawn the malicious PowerShell script from IE and connect to the remote server to download the main payload.
This post Russian Hackers Compromised 100,000+ Computers Using Raccoon Malware Via Fallout & RIG Exploit Kits originally appeared on GB Hackers.
