Racoon Stealer is Back — How to Protect Your Organization

Racoon Stealer is Back — How to #Protect Your Organization

The new version of #RaccoonStealer still has the ability to steal #browser #passwords, #cookies, and #autofill data. It also has the ability to steal any #creditcard numbers that are saved in the browser.

Additionally, the latest version of Raccoon Stealer is far more capable than its predecessor when it comes to stealing #cryptocurrency. Not only can Raccoon Stealer attack cryptocurrency wallets, but it also has the ability to attack numerous cryptocurrency-related browser plugins.

The developers of Raccoon Stealer have also enhanced the malware's ability to harvest file data. Whereas the previous version was eventually enhanced to allow the theft of individual files, the latest version is capable of stealing files regardless of which disk they reside. Additionally, the new version of Raccoon Stealer can capture a list of the applications that are installed on the machine, which can be useful in helping an attacker to know what types of data files might exist and be worth stealing.

Perhaps most disturbingly, Raccoon Stealer is able to capture screenshots from an infected system. Screen captures could be used for a countless variety of nefarious purposes. For example, an attacker could conceivably watch someone enter payment information related to purchase and take a screen capture of the checkout screen, thereby capturing not just a credit card number, but all of the supporting details that might be required in order to use the credit card (such as the card's security code and the cardholder's name and address). Of course, a screen capture feature could be used to steal any type of sensitive data and an attacker who has created such a screen capture could use it as the basis for a cyber extortion scheme.

More at https://thehackernews.com/2022/07/racoon-stealer-is-back-how-to-protect.html