Submitted via IRC for soylent_brown
Hackers are now selling 'Raccoon' data-stealing malware as a $200 monthly service
A new kind of trojan malware is fast gaining currency among cybercriminals for its capability to steal sensitive information, such as credit card data, cryptocurrency wallets, and email credentials.
Dubbed Raccoon Stealer, the malware first emerged in April 2019 and has since infected hundreds of thousands of Windows devices around the world, Boston-based endpoint security solutions provider Cybereason said.
"Its popularity, even with a limited feature set, signals the continuation of a growing trend of the commoditization of malware as they follow a MaaS (Malware-as-a-Service) model and evolve their efforts," the researchers stated.
Costing $200 per month to use, Raccoon is suspected to be of Russian origin and has been found to be aggressively marketed in underground forums, offering prompt 24×7 customer support to community questions and comments on Telegram under the handle "glad0ff."
This "gladoff" actor has been linked previously to a variety of malware like the Decrux and Acrux cryptominers, the Mimosa RAT and the ProtonBot loader, Cybereason said.
(Score: 1, Interesting) by Anonymous Coward on Saturday October 26 2019, @10:50PM (3 children)
https://www.gnu.org/philosophy/stallman-kth.html [gnu.org]
(Score: 3, Informative) by Anonymous Coward on Sunday October 27 2019, @01:13AM (2 children)
Nothing of value to an attacker on his computer = perfectly safe to use no password.
(Score: 2, Interesting) by anubi on Sunday October 27 2019, @04:32AM
That's the same paradigm I use too.
Computers are so cheap these days. I have some online 24/7. I do not do business or personal stuff on them, but you can see if I have water pressure, house temperature, rate of electricity consumption, motion sensors, etc, if you know how to telnet in, and what the numbers you get back mean.
I run stuff in these, along with Wireshark, to see if they are ratware. Maybe, if it's useful enough and hasn't soiled it's reputation, I may transfer the program, usually via FTP, to my " secure" machine, which I connect to the net only when I have to.
It frustrates the shit out of me when people code business websites to reference the cloud. At that point, I have no idea who I am talking to.
Its almost like trying to establish a rapport with a businessman, then once I have his trust, I stick my fingers in my mouth, whistle, and this bozo comes out of nowhere and takes my place, leaving the businessman wondering who is this?
This is not the guy I was talking to.
But that's the way some businesses do business. I try like the dickens to avoid businesses that do that.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 0) by Anonymous Coward on Sunday October 27 2019, @02:59PM
Then you won't mind me using your computer to mine bitcoins or broadcast spam?