Sophos, a British security software and hardware company, has published new research showing how malware disguised as pirated software grabs cryptocurrencies and information while dropping malicious content, such as crypto miners, on targeted systems.
The report, dubbed ‘Trash Panda as a Service: Raccoon Stealer Steals Cookies, Crypto coins and More’, shows that Raccoon Stealer, malware that is usually spread by spam email, was distributed through droppers that the operators disguised as cracked software installers.
These droppers bundle Raccoon Stealer with additional attack tools, including malicious browser extensions, YouTube click-fraud bots, and Djvu/Stop, ransomware targeted primarily at home users.
“The vast majority of recent Raccoon samples are distributed via a single dropper campaign leveraging malicious websites. The actors behind the campaign also used search engine optimization to raise the chances that people looking for a particular software package would visit the malicious sites. Searches for “[software product name] crack” on Google return links to websites that purport to provide downloads of software with license requirements bypassed.”
“The campaign we’ve been tracking shows Raccoon Stealer grabbing passwords, cookies, and the ‘autofill’ text for websites, including credit card data and other personally identifying information that may be stored by a browser. Thanks to a recent ‘clipper’ update that changes the clipboard or destination information for a cryptocurrency transaction, Raccoon Stealer also now targets crypto-wallets, and it can retrieve or load files – such as additional malware – on infected systems. That’s a lot of stuff that cybercriminals can easily monetize for a service that is ‘rented out’ at $75 for a week’s use,” said Sean Gallagher, a senior threat researcher at Sophos.
The operators behind this Raccoon Stealer campaign also used the Telegram chat service for the first time for command-and-control communications, according to Sophos researchers.
“Information stealers fill an important niche in the cybercrime ecosystem. They offer a quick return on investment and represent an easy and cheap entry point for bigger attacks,” said Gallagher.
Consumers are advised to install a security solution on the devices that they and their families use for online communications and gaming to protect everyone from malware and cyberthreats. It is also good security practice to avoid downloading and installing unlicensed software from any source. Always check first to make sure it’s legitimate.