INSUBCONTINENT EXCLUSIVE:
Despite its expensive price and subscription-based business model, the Raccoon malware has grown increasingly popular among cybercriminals
due to its ability to target at least 60 applications including most popular browsers.The Raccoon infostealer, also known as Racealer, has
gained a following on underground hacking forums as a result of its aggressive marketing strategy, use of bulletproof hosting and
This malware was first discovered last year by security researchers at the firm Cybereason and it costs $200 a month.What sets Raccoon apart
from other malware is the fact that it employs a subscription-based business model that includes technical support, bug fixes and updates
It also allows cybercriminals to steal data and cryptrocurrency from a wide range of browsers and other applications.New analysis of Racoon
by Cyberark has revealed that the malware, which is able to steal data from 35 browsers and 60 applications overall, is usually delivered
out to potential victims in phishing campaigns while exploit kits are typically hosted on websites and victims are profiled for any
potential browser-based vulnerabilities, before being redirected to the appropriate exploit kit to leverage them.The Raccoon malware is able
to steal financial information, online credentials, data from user's PCs, cryptocurrencies and browser information such as cookies, browsing
history and autofill content
The malware targets Google Chrome, Internet Explorer, Microsoft Edge and Firefox as well as many lesser known browsers
Raccoon can also compromise email clients such as ThunderBird, Outlook and Foxmail, among others.Cryptocurrencies stored on users' systems
are also at risk as the malware seeks out Electrum, Ethereum, Exodus, Jaxx, Monero and Bither wallets by scanning for their default
application folders.The Raccoon malware isn't likely going away any time soon as it recently received a number of updates from its creators
Since we started the analysis of this sample, the Raccoon team members have improved the stealer and released new versions for the build,
including the capability to steal FTP server credentials from FileZilla application and login credentials from a Chinese UC Browser
In addition, the attacker panel has been improved, some UI issues were fixed and the authors added an option to encrypt the builds right
