Access to a compromised endpoint may no longer be enough. So, enterprising malware authors offer up infostealers to help exfiltrate valuable data from an infected machine.
In the world of cyberattackers, there’s something for everyone. Know how to phish really well, but don’t know how to steal data off a compromised endpoint? No problem. Since April of 2019, infostealers – such as Racoon – have been available in a Malware-As-A-Service (MaaS) model.
This furry little piece of malware is used to steal sensitive and confidential information off of victim’s computers. Installed via either phishing campaigns or bad guy-controlled websites with web browser exploits woven into page content, Racoon takes you for everything it can; able to exfiltrate login credentials, credit card information, cryptocurrency wallets and other browser information, such as cookies, history, and autofill data – from nearly 60 browsers and applications!
Powerful and dangerous stuff. Must be expensive, right?
Nope – Racoon only costs just $75 per week, or the bargain price of only $200 per month.
This is frightening. Master cyberthief skills handed to the unskilled cybercriminal masses for next to nothing all adds up to some very dangerous attacks – some that have already happened.
The good news is there’s something you can do to stop it. Just be sure your employees don’t click on malicious links or attachments on unfamiliar websites or in emails from people they don’t know.
Sound too good to be true?
This is the reality in an organization that has implemented Security Awareness Training – these employees understand the importance of their role in the organization’s security, how the bad guys attempt to fool users, and the ramifications should the user become a victim. The result is a vigilant employee that is constantly watching for suspicious content to avoid.
Racoon is only one of many infostealers out there. Expect to see more combining of attacks tied to ransomware as a way of ensuring monies are paid to the bad guys for their time and “effort.”