Found 25 bookmarks
Custom sorting
Raccoon Stealer: “Trash panda” abuses Telegram
Raccoon Stealer: “Trash panda” abuses Telegram
We recently came across a stealer, called Raccoon Stealer, a name given to it by its author. Raccoon Stealer uses the Telegram infrastructure to store and update actual C&C addresses.  Raccoon Stealer is a password stealer capable of stealing not just passwords, but various types of data, including: Cookies, saved logins and forms data from […]
#avast#stealer#EN#2022#RaccoonStealer#Telegram#research#malware#passwordstealer
·decoded.avast.io·
Raccoon Stealer: “Trash panda” abuses Telegram
Raccoon Stealer: “Trash panda” abuses Telegram
Raccoon Stealer: “Trash panda” abuses Telegram
We recently came across a stealer, called Raccoon Stealer, a name given to it by its author. Raccoon Stealer uses the Telegram infrastructure to store and update actual C&C addresses.  Raccoon Stealer is a password stealer capable of stealing not just passwords, but various types of data, including: Cookies, saved logins and forms data from […]
#avast#stealer#EN#2022#RaccoonStealer#Telegram#research#malware#passwordstealer
·decoded.avast.io·
Raccoon Stealer: “Trash panda” abuses Telegram
Raccoon Stealer: “Trash panda” abuses Telegram
Raccoon Stealer: “Trash panda” abuses Telegram
We recently came across a stealer, called Raccoon Stealer, a name given to it by its author. Raccoon Stealer uses the Telegram infrastructure to store and update actual C&C addresses.  Raccoon Stealer is a password stealer capable of stealing not just passwords, but various types of data, including: Cookies, saved logins and forms data from […]
#avast#stealer#EN#2022#RaccoonStealer#Telegram#research#malware#passwordstealer
·decoded.avast.io·
Raccoon Stealer: “Trash panda” abuses Telegram
Raccoon Stealer: “Trash panda” abuses Telegram
Raccoon Stealer: “Trash panda” abuses Telegram
We recently came across a stealer, called Raccoon Stealer, a name given to it by its author. Raccoon Stealer uses the Telegram infrastructure to store and update actual C&C addresses.  Raccoon Stealer is a password stealer capable of stealing not just passwords, but various types of data, including: Cookies, saved logins and forms data from […]
#avast#stealer#EN#2022#RaccoonStealer#Telegram#research#malware#passwordstealer
·decoded.avast.io·
Raccoon Stealer: “Trash panda” abuses Telegram
Rhadamanthys v0.5.0 - a deep dive into the stealer’s components
Rhadamanthys v0.5.0 - a deep dive into the stealer’s components
  • The Rhadamanthys stealer is a multi-layer malware, sold on the black market, and frequently updated. Recently the author released a new major version, 0.5.0. In the new version, the malware expands its stealing capabilities and also introduces some general-purpose spying functions. A new plugin system makes the malware expandable for specific distributor needs. The custom executable formats, used for modules, are unchanged since our last publication (XS1 and XS2 formats are still in distribution). Check Point Research (CPR) provides a comprehensive review of the agent modules, presenting their capabilities and implementation, with a focus on how the stealer components are loaded and how they work.
#checkpoint#EN#2023#Rhadamanthys#stealer#malware#analysis
·research.checkpoint.com·
Rhadamanthys v0.5.0 - a deep dive into the stealer’s components
Raccoon Stealer: “Trash panda” abuses Telegram
Raccoon Stealer: “Trash panda” abuses Telegram
We recently came across a stealer, called Raccoon Stealer, a name given to it by its author. Raccoon Stealer uses the Telegram infrastructure to store and update actual C&C addresses.  Raccoon Stealer is a password stealer capable of stealing not just passwords, but various types of data, including: Cookies, saved logins and forms data from […]
#avast#stealer#EN#2022#RaccoonStealer#Telegram#research#malware#passwordstealer
·decoded.avast.io·
Raccoon Stealer: “Trash panda” abuses Telegram
Raccoon Stealer: “Trash panda” abuses Telegram
Raccoon Stealer: “Trash panda” abuses Telegram
We recently came across a stealer, called Raccoon Stealer, a name given to it by its author. Raccoon Stealer uses the Telegram infrastructure to store and update actual C&C addresses.  Raccoon Stealer is a password stealer capable of stealing not just passwords, but various types of data, including: Cookies, saved logins and forms data from […]
#avast#stealer#EN#2022#RaccoonStealer#Telegram#research#malware#passwordstealer
·decoded.avast.io·
Raccoon Stealer: “Trash panda” abuses Telegram
New RisePro Stealer distributed by the prominent PrivateLoader
New RisePro Stealer distributed by the prominent PrivateLoader
PrivateLoader is an active malware in the loader market, used by multiple threat actors to deliver various payloads, mainly information stealer. Since our previous investigation, we keep tracking the malware to map its ecosystem and delivered payloads. Starting from this tria.ge submission, we recognized a now familiar first payload, namely PrivateLoader. However, the dropped stealer was not part of our stealer growing collection, notably including RedLine or Raccoon. Eventually SEKOIA.IO realised it was a new undocumented stealer, known as RisePro. This article aims at presenting SEKOIA.IO RisePro information stealer analysis.
#sekoia#EN#2022#PrivateLoader#malware#stealer#RisePro#analysis
·blog.sekoia.io·
New RisePro Stealer distributed by the prominent PrivateLoader
The Case of Cloud9 Chrome Botnet
The Case of Cloud9 Chrome Botnet
The Zimperium zLabs team recently discovered a malicious browser extension, originally called Cloud9, which not only steals the information available during the browser session but can also install malware on a user's device and subsequently assume control of the entire device. In this blog, we will take a deeper look into this malicious browser extension.
#zimperium#EN#2022#browser#extension#Cloud9#malicious#stealer#malware#Analysis
·zimperium.com·
The Case of Cloud9 Chrome Botnet
Raccoon Stealer v2: The Latest Generation of the Raccoon Family
Raccoon Stealer v2: The Latest Generation of the Raccoon Family
Raccoon is a malware family that has been sold as malware-as-a-service on underground forums since early 2019. In early July 2022, a new variant of this malware was released. The new variant, popularly known as Raccoon Stealer v2, is written in C unlike previous versions which were mainly written in C++.
#zscaler#EN#2022#Raccoon#malware#malware-as-a-service#Stealer
·zscaler.com·
Raccoon Stealer v2: The Latest Generation of the Raccoon Family
Raccoon Stealer: “Trash panda” abuses Telegram
Raccoon Stealer: “Trash panda” abuses Telegram
We recently came across a stealer, called Raccoon Stealer, a name given to it by its author. Raccoon Stealer uses the Telegram infrastructure to store and update actual C&C addresses.  Raccoon Stealer is a password stealer capable of stealing not just passwords, but various types of data, including: Cookies, saved logins and forms data from […]
#avast#stealer#EN#2022#RaccoonStealer#Telegram#research#malware#passwordstealer
·decoded.avast.io·
Raccoon Stealer: “Trash panda” abuses Telegram
New RisePro Stealer distributed by the prominent PrivateLoader
New RisePro Stealer distributed by the prominent PrivateLoader
PrivateLoader is an active malware in the loader market, used by multiple threat actors to deliver various payloads, mainly information stealer. Since our previous investigation, we keep tracking the malware to map its ecosystem and delivered payloads. Starting from this tria.ge submission, we recognized a now familiar first payload, namely PrivateLoader. However, the dropped stealer was not part of our stealer growing collection, notably including RedLine or Raccoon. Eventually SEKOIA.IO realised it was a new undocumented stealer, known as RisePro. This article aims at presenting SEKOIA.IO RisePro information stealer analysis.
#sekoia#EN#2022#PrivateLoader#malware#stealer#RisePro#analysis
·blog.sekoia.io·
New RisePro Stealer distributed by the prominent PrivateLoader
The Case of Cloud9 Chrome Botnet
The Case of Cloud9 Chrome Botnet
The Zimperium zLabs team recently discovered a malicious browser extension, originally called Cloud9, which not only steals the information available during the browser session but can also install malware on a user's device and subsequently assume control of the entire device. In this blog, we will take a deeper look into this malicious browser extension.
#zimperium#EN#2022#browser#extension#Cloud9#malicious#stealer#malware#Analysis
·zimperium.com·
The Case of Cloud9 Chrome Botnet
Raccoon Stealer v2: The Latest Generation of the Raccoon Family
Raccoon Stealer v2: The Latest Generation of the Raccoon Family
Raccoon is a malware family that has been sold as malware-as-a-service on underground forums since early 2019. In early July 2022, a new variant of this malware was released. The new variant, popularly known as Raccoon Stealer v2, is written in C unlike previous versions which were mainly written in C++.
#zscaler#EN#2022#Raccoon#malware#malware-as-a-service#Stealer
·zscaler.com·
Raccoon Stealer v2: The Latest Generation of the Raccoon Family
Raccoon Stealer: “Trash panda” abuses Telegram
Raccoon Stealer: “Trash panda” abuses Telegram
We recently came across a stealer, called Raccoon Stealer, a name given to it by its author. Raccoon Stealer uses the Telegram infrastructure to store and update actual C&C addresses.  Raccoon Stealer is a password stealer capable of stealing not just passwords, but various types of data, including: Cookies, saved logins and forms data from […]
#avast#stealer#EN#2022#RaccoonStealer#Telegram#research#malware#passwordstealer
·decoded.avast.io·
Raccoon Stealer: “Trash panda” abuses Telegram
Raccoon Stealer v2: The Latest Generation of the Raccoon Family
Raccoon Stealer v2: The Latest Generation of the Raccoon Family
Raccoon is a malware family that has been sold as malware-as-a-service on underground forums since early 2019. In early July 2022, a new variant of this malware was released. The new variant, popularly known as Raccoon Stealer v2, is written in C unlike previous versions which were mainly written in C++.
#zscaler#EN#2022#Raccoon#malware#malware-as-a-service#Stealer
·zscaler.com·
Raccoon Stealer v2: The Latest Generation of the Raccoon Family
Raccoon Stealer: “Trash panda” abuses Telegram
Raccoon Stealer: “Trash panda” abuses Telegram
We recently came across a stealer, called Raccoon Stealer, a name given to it by its author. Raccoon Stealer uses the Telegram infrastructure to store and update actual C&C addresses.  Raccoon Stealer is a password stealer capable of stealing not just passwords, but various types of data, including: Cookies, saved logins and forms data from […]
#avast#stealer#EN#2022#RaccoonStealer#Telegram#research#malware#passwordstealer
·decoded.avast.io·
Raccoon Stealer: “Trash panda” abuses Telegram