"Raccoon Stealer-As-A-Service Will Now Try To Grab Your Cryptocurrency"
Raccoon Stealer has been upgraded by its developer to steal cryptocurrency alongside financial information. Sophos obtained samples revealing that the stealer is being bundled with malware, including malicious browser extensions, cryptocurrency miners, the Djvu/Stop consumer ransomware strain, and click-fraud bots targeting YouTube sessions. Sophos researchers found that the malware was not spread through spam emails in the new campaign, which was the usual initial attack vector linked to Raccoon Stealer but was instead spread through droppers disguised as installers for cracked and pirated software. The researchers stated that the Raccoon Stealer is able to monitor for and collect account credentials, cookies, website "autofill" text, and financial information that may be stored on an infected machine. The upgraded stealer also now has a "clipper" for cryptocurrency-based theft. Wallets, and their credentials, in particular, are targeted by the QuilClipper tool, as well as Steam-based transaction data.
ZDNet reports: "Raccoon Stealer-As-A-Service Will Now Try To Grab Your Cryptocurrency"