15
English
Afrikaans
Albanian
Amharic
Arabic
Armenian
Azerbaijani
Basque
Belarusian
Bengali
Bosnian
Bulgarian
Catalan
Cebuano
Chichewa
Chinese (Simplified)
Chinese (Traditional)
Corsican
Croatian
Czech
Danish
Dutch
Esperanto
Estonian
Filipino
Finnish
French
Frisian
Galician
Georgian
German
Greek
Gujarati
Haitian Creole
Hausa
Hawaiian
Hebrew
Hindi
Hmong
Hungarian
Icelandic
Igbo
Indonesian
Irish
Italian
Japanese
Javanese
Kannada
Kazakh
Khmer
Korean
Kurdish (Kurmanji)
Kyrgyz
Lao
Latin
Latvian
Lithuanian
Macedonian
Malagasy
Malay
Malayalam
Maltese
Maori
Marathi
Mongolian
Myanmar (Burmese)
Nepali
Norwegian
Pashto
Persian
Polish
Portuguese
Punjabi
Romanian
Russian
Samoan
Scottish Gaelic
Serbian
Sesotho
Shona
Sindhi
Sinhala
Slovak
Slovenian
Somali
Spanish
Sudanese
Swahili
Swedish
Tajik
Tamil
Telugu
Thai
Turkish
Ukrainian
Urdu
Uzbek
Vietnamese
Welsh
Xhosa
Yiddish
Yoruba
Zulu
Despite its expensive price and subscription-based business model, the Raccoon malware has grown increasingly popular among cybercriminals due to its ability to target at least 60 applications including most popular browsers.The Raccoon infostealer, also known as Racealer, has gained a following on underground hacking forums as a result of its aggressive marketing strategy, use of bulletproof hosting and easy-to-use backend.
This malware was first discovered last year by security researchers at the firm Cybereason and it costs $200 a month.What sets Raccoon apart from other malware is the fact that it employs a subscription-based business model that includes technical support, bug fixes and updates.
It also allows cybercriminals to steal data and cryptrocurrency from a wide range of browsers and other applications.New analysis of Racoon by Cyberark has revealed that the malware, which is able to steal data from 35 browsers and 60 applications overall, is usually delivered through phishing campaigns and exploit kits.Fraudulent emails containing Microsoft Office documents filled with malicious macros are sent out to potential victims in phishing campaigns while exploit kits are typically hosted on websites and victims are profiled for any potential browser-based vulnerabilities, before being redirected to the appropriate exploit kit to leverage them.The Raccoon malware is able to steal financial information, online credentials, data from user's PCs, cryptocurrencies and browser information such as cookies, browsing history and autofill content.
The malware targets Google Chrome, Internet Explorer, Microsoft Edge and Firefox as well as many lesser known browsers.
Raccoon can also compromise email clients such as ThunderBird, Outlook and Foxmail, among others.Cryptocurrencies stored on users' systems are also at risk as the malware seeks out Electrum, Ethereum, Exodus, Jaxx, Monero and Bither wallets by scanning for their default application folders.The Raccoon malware isn't likely going away any time soon as it recently received a number of updates from its creators according to Cyberark's blog post on the matter, which reads:Similar to other as-a-service offerings, Raccoon is still being developed and supported by a group.
Since we started the analysis of this sample, the Raccoon team members have improved the stealer and released new versions for the build, including the capability to steal FTP server credentials from FileZilla application and login credentials from a Chinese UC Browser.
In addition, the attacker panel has been improved, some UI issues were fixed and the authors added an option to encrypt the builds right from the panel and downloaded it as a DLL.Via ZDNet
