Raccoon malware is not a cheap option, yet it is popular among cybercriminals because it can target at least 60 applications, including widely used browsers.
The Raccoon infostealer, also known as Racealer, offers a broad range of capabilities, an easy-to-use backend, the use of bulletproof hosting, and more. The malware costs $200 per month and was first spotted in 2019 by researchers from Cybereason, a cybersecurity firm.
Raccoon is considerably more expensive than its counterparts. It is offered as Malware-as-a-Service on a subscription basis that includes technical support, relatively cheap updates, and bug fixes. Its other capabilities have also made it an ideal investment for many cybercriminals who want to steal other people's data and cryptocurrency by targeting a broad range of browsers.
A recent analysis by CyberArk shows that not all infostealers are sophisticated; in fact, they use similar techniques to steal data. Raccoon, however, is a different case, because it is C++ malware that can steal information from 60 applications and 35 browsers overall.
Raccoon gets delivered through exploit kits and phishing campaigns
According to CyberArk, Raccoon is usually delivered through exploit kits and phishing campaigns. In the phishing campaigns, cybercriminals send fraudulent emails with MS Office documents attached that contain malicious macros. In the other case, the attackers host exploit kits on websites in order to steal data.
To carry out their plans, cybercriminals first profile and analyze victims for potential vulnerabilities associated with their browsers. Based on this analysis, they direct would-be victims to their exploit kit. People who fall into the trap lose their data and cryptocurrency.
The address of the Command-and-Control (C2) server is hidden behind several levels of encryption, which makes the server difficult to track down. The malware depends on this C2 server to transfer stolen information and to receive its configuration updates.
Raccoon malware can steal various types of data, such as financial information, PC data, and online credentials. The PC data it can steal includes the type and version of the installed operating system, the language in use, application lists, and cryptocurrency wallets. It can also steal browser data such as cookies, auto-fill content, and history logs.
Moreover, the malware can target a broad range of Chromium and Mozilla browsers, including Google Chrome, Chromium, Comodo Dragon, Chromium Xpom, Amigo, Bromium, Opera, Mustang, Internet Explorer, Firefox, Microsoft Edge, and many others.