Raccoon Malware Resurfaces in Dark Web with New Stealing Capabilities

It has recently come to light that the individuals responsible for the development and distribution of the infamous Raccoon Stealer malware have returned to online hacker forums.

This news follows a period of six months where the perpetrators had ceased all activity and remained silent.

The Raccoon Stealer malware works by stealing sensitive information from unsuspecting victims, making this development a cause for concern among cybersecurity professionals and the general public alike.

Their latest move, spotted by SOCRadar, involves introducing an updated version of the malware labeled since Aug. 15, 2023, to attract cyber criminals.

Post of the user “raccoon stealer” in a hacker forum (Source: SOC radar)

In the post, the developers express gratitude for the community’s support, detail their intentions to prevent past controversies, and emphasize their commitment to delivering a superior user experience based on feedback and market trends.

Raccoon Stealer’s Notable History

Raccoon Stealer first emerged in 2019 and has since gained notoriety for its widespread usage as an information-stealing malware. 

It was available for purchase through a subscription model, with prices starting at $200 per month and increased to $275 per month as of August 21, 2023. 

The malware was employed to compromise more than 60 applications, facilitating the theft of sensitive data like login credentials, credit card information, browsing history, cookies, and even cryptocurrency wallet details.

The project faced disruption in October 2022 when its primary creator, Mark Sokolovsky, was arrested in the Netherlands. 

The FBI’s efforts led to dismantling the malware-as-a-service operation’s infrastructure. 

However, the developers of Raccoon Stealer have remained determined to continue their malicious activities.

The Latest Version and Added Features

The most recent announcement from the Raccoon Stealer developers reveals the release of version 2.3.0. 

The malware offers various enhancements designed to improve user experience while also expanding its capabilities. 

This update was influenced by feedback and requirements expressed by the hacker community. Notable features include:

Quick Search for Cookies and Passwords

Screenshot of the search feature. (Source: SOC radar)

Automatic Blocking of Bots helps in identifying and thwarting automated bot activity.

Log Statistics and Graphs

 Log Graphs in Raccoon Stealer. (Source: SOC radar)

Increased Output

The limit for data size per request has been raised, allowing the malware to handle larger amounts of data.

A recent sample uploaded to Malware Bazaar on August 16 provides insights into the functionality of Raccoon Stealer’s latest version. 

The latest version of Raccoon Stealer clearly demonstrates its capabilities to steal a wide array of information, including cookies, credentials, system information, and even cryptocurrency wallets. 

With these enhanced features and functionalities, Raccoon Stealer remains a significant threat to individuals and organizations alike.

Refer to SOCRadar for more in-depth analysis, IoCs, and further insights.

Keep informed about the latest Cyber Security News by following us on Google NewsLinkedinTwitter, and Facebook.

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.