Raccoon Stealer v2: What You Need to Know…

by

July 25, 2022

Raccoons! Trash pandas! Mother Nature’s bandits. Those sneaky little devils. They’ll be the ruination of us all! Okay, maybe not, but there is a new version of Raccoon Stealer that is making the rounds, and it’s proving to be far more dangerous than the fuzzy bundles of chaos who constantly turn over your garbage cans.

The original Raccoon Stealer that launched in 2019 (via malware-as-a-service channels) was INCREDIBLY versatile. It could steal things like browser passwords, cookies, autofill data, and credit card numbers. You name it. If it was stored in your browser, and you were infected, Raccoon Stealer v1 could grab it.

When the development of Raccoon Stealer abruptly stopped in March of this year (2022), researchers knew it was only a matter of time before something new and improved took its place. That time is now, and Raccoon Stealer v2 is a doozy.

Raccoon Stealer v2 can do all the things its predecessor could and more, including:

  • Data Harvesting – Version 1 was limited to individual files. Version 2 can steal any file on any disk.
  • Application Logging – The malware captures a list of every application installed on the machine, helping the attacker learn what type of data files might be available to steal.
  • Screen Capturing – There are LOADS of ways screen captures could be used nefariously. You could take a picture of payment information as it’s entered. Any type of sensitive data could be captured via screen capture.

How to Protect Yourself

So…this is going to sound really repetitive. Stop me if you’ve heard it before… Raccoon Stealer v2 installs/infects just like every other malware under the sun: via Phishing attacks.

If you’ve fallen out of your seat due to pure shock, I understand. Take the time you need to reconstitute yourself and we’ll move on. Ready? Good.

Phishing attacks (or Phishing in general) are a type of Social Engineering Attack in which individuals are targeted by email (or in some cases text messages). The attacker masquerades as someone else (a co-worker, manager, or individual from an outside organization) to manipulate their target.

Carl Keyser is the Content Manager at Integris.
