This malware steals your passwords and is on sale for anyone who wants to use it
June 29, 2022
By Kim Komando
Using a password manager is the best way to protect your authentication details for websites and services. Unfortunately, some people take the easy route by letting their internet browser do all the critical remembering.
Browsers like Google’s Chrome or Mozilla’s Firefox can store usernames, passwords, addresses and credit card information. This stored autocomplete data makes it easy to fill in details on websites.
But it’s not as secure as you might think or hope. Read on for frightening details on how an updated malware variant can steal your critical information for as little as $50.
Here’s the backstory
Malware often undergoes several iterations as the developers fine-tune its capabilities and delivery methods. A good example is the prominent information grabber, Raccoon Stealer.
Several cybercriminal groups have used the malware since 2019, but operations abruptly stopped in March this year. However, according to cybersecurity company Sekoia, a revived Raccoon Stealer popped up on hacker forums in early June.
The two-month hiatus, according to Sekoia, is attributed to the death of one of its developers during the Russian invasion of Ukraine. However, version two of Raccoon Stealer can inflict more damage than the previous variant.
Distribution of the malware happens through fake installers or cracked versions of popular software. For example, an investigation found Raccoon Stealer hiding in the files of a fake F‑Secure VPN installer, Proton VPN installer and R-Studio Network installer.
Once an infected device connects to the internet, the malware starts working. According to the post on a hacker forum, Raccoon Stealer can:
- Steal passwords, cookies and autocomplete information from all popular browsers.
- Infiltrate browser-based and desktop cryptocurrency wallets.
- Steal data from individual system files.
- Watch for specific files and folders and automatically grab them.
- Capture screenshots.
What you can do about it
It’s scary to think that a small piece of code can cause so much damage for as little as $50. But that is precisely what Raccoon Stealer is all about. This variant is Malware-as-a-Service (MaaS), where criminals pay a usage fee so they don’t have to create their own malware.
The good news is there are a few ways to keep your data private and lock down your information. Here are some suggestions:
- Never download files from third-party libraries. Always go to the official source and double-check that you are installing the correct app.
- Don’t click on links or open attachments that you receive in unsolicited emails or text messages.
- Not only is downloading pirated (or cracked) software illegal, but it’s a popular way for criminals to distribute malware.
- Update your operating system, browser and other apps to the latest versions. Some updates give you extra features, but they almost always include security patches.
- Always have robust antivirus software on all of your devices. We recommend our sponsor, TotalAV.