Video pirates are well known for stealing or buying online consumer account access, or for exploiting breaches in IT, network or device infrastructures, so they can steal content. So it was interesting to read about infostealers.
CyberArk, a company that specializes in privileged access management, published an article this week describing infostealers as a category of malware designed specifically to gather sensitive details like user credentials, financial account access and other personal information.
As one example of an infostealer, CyberArk describes Raccoon, which has been known for about a year and is offered for a weekly or monthly service fee. That’s right, Malware-as-a-Service (MaaS)!
Raccoon is delivered either through a malicious Web site that directs consumers to landing pages based on the consumer device and software vulnerabilities it finds, or through a phishing campaign. In the latter, a victim might open an attachment that runs a macro or an executable.
Raccoon targets Chromium- and Mozilla-based browsers because both of those frameworks also serve as the basis for many derivative browsers. Raccoon also targets email clients and cryptocurrency wallets.
Why it matters
Raccoon is a case study in sophistication. While most cybercriminals are not particularly sophisticated, their tools are becoming so.
Raccoon comes complete with an administration console that allows the user to customize the malware’s capabilities, to view stolen credentials and to download malware software builds. Users also receive technical support and software maintenance as part of a time-based contract.