Raccoon: Infostealer Malware-as-a-Service (MaaS)

Image source: Cyberark

Video pirates are well known for stealing or buying online consumer account access, or for exploiting breaches in IT, network or device infrastructures, so they can steal content. So it was interesting to read about infostealers.

Cyberark, a company that specializes in privileged access management, published an article this week describing infostealers as a category of malware designed specifically to gather sensitive details like user credentials, financial account access and other personal information.

As one example of an infostealer, Cyberark describes Raccoon, which has been known for about a year and is offered for a weekly or monthly service fee.  That’s right, Malware-as-a-Service (MaaS)!

A new version of Raccoon is released (as part of MaaS model). Source: Cyberark.

Raccoon is delivered either through a malicious Web site that directs consumers to landing pages based on the consumer device and the software vulnerabilities it finds, or through a phishing campaign. In the latter, a victim might open an attachment that runs a macro or an executable.

Read the entire Cyberark article about Infostealers and Raccoon

Raccoon targets Chromium- and Mozilla-based browsers because both of those frameworks also serve as the basis for many derivative browsers. Raccoon also targets email clients and cryptocurrency wallets.

Why it matters

Raccoon is a case study in sophistication.  While most cybercriminals are not particularly sophisticated, their tools are becoming so.

Raccoon comes complete with an administration console that allows the user to customize the malware’s capabilities, to view stolen credentials and to download malware software builds. Users also receive technical support and software maintenance as part of a time-based contract.
