This well-known infostealer is back with upgraded malware

Raccoon Stealer returns sporting new features

The hugely popular infostealer known as Raccoon is back, as its adoptive developers demonstrate new features to the underground hacking community.

According to BleepingComputer, cybersecurity researchers recently discovered a new ad on hacking forums, promoting version 2.3.0 of the infamous malware. It comes with a couple of improvements, which the team worked “tirelessly” to bring to the hacking community.

As per the post, the new features were designed based on “customer feedback”, requests, and cybercrime trends, and should provide a better user experience with more privacy from researchers and law enforcement.

Upgrades

Raccoon Stealer version 2.3.0 has a new search function hackers can use to look for stolen credentials, a new tool to counter “suspicious activity” by deleting all records, and a reporting system that identifies and blocks IP addresses used by crawlers and bots. There is also a new Log Stats panel which gives users a holistic overview of their operations.

In its prime, Raccoon Stealer was one of the most popular infostealing malware variants out there, but it was shut down following an FBI raid late last year. During the raid, the infostealer’s developer, Mark Sokolovsky, was arrested in the Netherlands, while the infrastructure was shut down.

Raccoon Stealer was an infostealer-as-a-service, which hackers could rent for $200 a month. It is capable of stealing information from more than 60 applications. It mostly targeted login credentials, credit card information, crypto wallets, and similar data.

Besides the obvious - not getting infected by malware - there are a few other things that can be done to safeguard one’s data, including not storing important information in the browser, and using multi-factor authentication (MFA) whenever possible, preferably via one of the best authenticator apps. Instead of saving data in the browser, IT security experts recommend using third-party password managers.

Via: BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
