Despite FBI takedown, infamous Raccoon Stealer malware returns

Raccoon Stealer redux: The resurgence

In the world of digital wrongdoing, it seems some cyber pests never really go extinct. Remember Raccoon Stealer? If you don't, it is a malware strain, and you might want to brace yourself. It's back, it's bolder and it's up to no good – again.

Picture this: A malware so astute it pilfers data from a whopping 60 applications. We're talking login details, credit card numbers, those treasured browser histories you thought were safe and even the ever-popular cryptocurrency accounts. 

Now, what if I told you that this notorious service was available to any aspiring hacker for a mere $200 subscription a month? It's the Netflix of cybercrime, except you get stolen credentials instead of shows. Here's how it works. 

CLICK TO GET KURT’S FREE CYBERGUY NEWSLETTER WITH SECURITY ALERTS, QUICK TIPS, TECH REVIEWS AND EASY HOW-TO’S TO MAKE YOU SMARTER

A glimpse into Raccoon's arsenal

Targeted applications: By targeting up to 60 distinct apps, Raccoon Stealer doesn't just rely on broad strokes. It has an extensive and specific hit list, meticulously programmed to dive deep into popular applications where you often store or autofill your most sensitive information.

Credential harvesting: This isn't your ordinary phishing scheme. Raccoon Stealer employs advanced techniques to sneakily extract login details. By tapping into stored credentials within browsers and other vulnerable apps, it ensures that the stolen data is legitimate and current.

Financial data looting: Credit card numbers aren't just lying around. But when you save them on e-commerce sites or payment apps for convenience, Raccoon is on the prowl. With sophisticated algorithms, it identifies and captures these numbers, complete with their expiration dates and CVVs.

Browser history insight: By examining browser histories, Raccoon Stealer can understand your behavior, interests, frequented sites and even potential vulnerabilities. It's like handing over a diary of your digital life.

Cryptocurrency coup: Given the rise in cryptocurrency popularity and value, many of you store your digital wallet details on apps or browsers. Raccoon Stealer identifies these details, potentially giving hackers access to your virtual fortune.

A man types on a computer while holding a smartphone. (CyberGuy.com)

MORE: TOP IDENTITY THEFT SCAMS TO AVOID

Pest control

However, every story has its drama. And Raccoon's tale is no exception. In 2022, the digital world breathed a sigh of relief. The leading developer, Mark Sokolovsky, was arrested in the picturesque Netherlands. 

In tandem with law enforcement from Italy and the Netherlands, the FBI orchestrated a takedown of Raccoon's digital infrastructure. 

Unearthing Raccoon’s massive operation and stolen credentials 

Not only was Sokolovsky nabbed, but the FBI also began to unravel the magnitude of Raccoon's operations. More than 50 million unique credentials – encompassing emails, bank details and cryptocurrency addresses – were unearthed, painting a picture of the malware's vast reach.

HOW TO SET UP FREE MESSAGING ON YOUR PHONE WHILE TRAVELING INTERNATIONALLY

Empowering potential victims

To help potential victims, the FBI launched raccoon.ic3.gov. Here, users could verify if their email was among the compromised data. Matches triggered an email alert from the FBI, guiding victims on their next steps.

A computer user clicks on a security link. (CyberGuy.com)

Unveiling the resurgent, rejuvenated Raccoon malware 

Here's the twist: The recent chatter in the cyber underground suggests our sneaky little Raccoon wasn't really down for the count. Boasting a rejuvenated 2.3.0 version, this malware seems like it's had a few cups of coffee, reenergized and equipped with features you'd think were straight out of a sci-fi movie.

MORE: DON'T FALL FOR THESE WRONG NUMBER TEXTING SCAMS

Raccoon 2.3.0: upgraded, stealthier and more malicious

With its latest update, Raccoon 2.3.0 emerges as a more formidable threat, boasting heightened stealth and an amplified malicious intent. Here's how: 

Rapid retrieval with quick search: Gone are the days of manually sifting through stacks of stolen data. With the new quick search tool on the Raccoon Stealer dashboard, cybercriminals can now pinpoint specific stolen data swiftly. Whether they're after credentials, documents or any pilfered data, this feature ensures a faster retrieval from expansive datasets.

Countering security bots: Raccoon Stealer has upped its game in terms of stealth. The malware now detects suspicious activities that might hint at security-assisting bots. How does it react? If it spots multiple access events from the same IP, it doesn't just get suspicious; it deletes the records in question and promptly updates all its client pads, ensuring no trace remains.

MORE: PIG BUTCHERING' SCAMS: WHAT TO KNOW ABOUT THE ONLINE SCHEMES AND HOW TO AVOID THEM

So, how do you guard your digital domain?

Have strong passwords: Using the same password across multiple platforms will always make you more vulnerable because if one account gets hacked, they all get hacked.  Make sure to use a password manager to keep track of all your passwords. Instead of relying on a single password which, if stolen, can expose you.

Use 2-factor authentication: Implementing two-factor authentication is just an extra shield that will prevent a hacker from getting into your accounts.

Have good antivirus software on all your devices: The best way to protect yourself from malware like this is to have antivirus protection installed on all your devices. Having antivirus software on your devices will make sure you are stopped from clicking on any potential malicious links which may install malware on your devices, allowing hackers to gain access to your personal information. 

See my expert review of the best antivirus protection for your Windows, Mac, Android & iOS devices by heading to Cyberguy.com/LockUpYourTech. 

When in doubt: Picture this: a dimly lit alleyway with a sign that says "Free Gold Here!" Sounds suspicious? That's the online equivalent of dubious websites offering tantalizing downloads. Even if they lure you in with promises from seemingly legitimate sources (like Google Ads or seemingly authentic YouTube videos), always be skeptical. Check the website's credentials, look for secure connection indicators (like the padlock symbol), and if in doubt, steer clear.

Man types on a laptop computer in a stock image. (CyberGuy.com)

Use identify theft protection: Identity theft protection companies can monitor personal information like your home title, Social Security Number (SSN), phone number and email address and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals. See my tips and best picks on how to protect yourself from identity theft by heading to CyberGuy.com/IdentityTheft.

Create alias email addresses:  Sometimes, it's best to create various email aliases so that you don't have to worry about all your info getting taken in a data breach. An email alias address is a great way for you to stop receiving constant spam mail by simply deleting the email alias address. To find out more about upgrading the security of your email, head over to CyberGuy.com/Mail.

When the damage is done: Immediate recovery steps

And if the Raccoon has already rummaged through your digital trash?

Scan your device: Think of it as a digital health checkup. Use a trusted antivirus as I mentioned above to run a comprehensive scan to detect and remove any lingering traces of malware. Don't just stop there. Schedule regular checks to ensure your device stays in top health.

SIX PRIVACY AND SECURITY QUESTIONS AND ANSWERS TO CLEAR UP ONCE AND FOR ALL

Alert financial institutions: Just as you'd report a missing credit card, if you believe your info might've fallen into the wrong hands, it's crucial to inform your banks and credit card companies. They can monitor for suspicious activities or temporarily freeze your accounts to prevent unauthorized access.

Stay updated: It might be tempting to hit "remind me tomorrow" on those software updates, but those patches often address known vulnerabilities. Cybercriminals are always on the hunt for out-of-date software. By staying updated, you're essentially closing the doors they're looking to sneak in through.

GOOGLE SECURITY CHECK: 60 SECONDS TO KICK OUT SNOOPS AND HACKERS

Kurt's key takeaways 

The digital realm is a mesmerizing blend of innovation, opportunities and, unfortunately, nefarious activities. With its revamped tactics, Raccoon Stealer underscores a vital truth: cybersecurity isn't a one-off task. It's an ever-evolving challenge, demanding constant vigilance and updates. As tech advances, so do cybercriminal tactics. Yet, every time we read about these threats, it reinforces our collective determination to bolster our defenses.

Here's a thought for all of us: How prepared are we for this ever-changing digital landscape? And here's a nudge for you: Drop your thoughts below. Do you feel you're adequately equipped to handle such threats? Or you've got a story or tip to share from your experiences. 

For more of my tech tips & security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Copyright 2023 CyberGuy.com.  All rights reserved.

Load more..