
Payment Card Skimmer Group Using Raccoon Info-Stealer to Siphon Off Data

December 8, 2020

A cybercrime group known for targeting e-commerce websites unleashed a “multi-stage malicious campaign” earlier this year designed to distribute information stealers and JavaScript-based payment skimmers.

In a new report published today and shared with The Hacker News, Singapore-based cybersecurity firm Group-IB attributed the operation to the same group that’s been linked to a separate attack aimed at online merchants using password-stealing malware to infect their websites with FakeSecurity JavaScript-sniffers (JS-sniffers).

The campaign progressed in four waves, starting in February and ending in September, with the operators relying on specially-crafted phishing pages and lure documents laced with malicious macros to download Vidar and Raccoon information stealers onto victim systems.

The ultimate goal of the attack, the researchers noted, was to steal payment and user data, using several attack vectors and tools to deliver the malware.

The fake web pages were created using the Mephistophilus phishing kit, which allows attackers to create and deploy phishing landing pages engineered for distributing malware.

“Attackers sent links to fake pages that informed victims about a missing plugin required to display the document correctly,” Group-IB researchers explained in an analysis of the cybercrime group’s tactics last November. “If a user downloaded the plugin, their computer was infected with the password-stealing malware.”

While the first wave of the campaign in February and March delivered the Vidar password stealer to intercept passwords from user browsers and various applications, subsequent iterations switched to the Raccoon stealer and AveMaria RAT to meet its objectives.

Raccoon, first documented by Cybereason last year, comes with a wide range of capabilities and communicates with a command-and-control (C2) server to siphon data — including screenshots, credit card information, cryptocurrency wallets, stored browser passwords, emails, and system details.

Raccoon is also unique in that it bypasses the blocking of active C2 servers by making a request to a Telegram channel (“blintick”) to receive the encrypted address of the C2 server. It also offers 24×7 customer support for community questions and comments through the chat service.
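The Telegram lookup described above leaves a detectable pattern: a non-browser process reads a Telegram channel page and shortly afterwards contacts a destination the host has not used before. The following detection sketch is an added example, not code from Group-IB or the original article; the log format, the Telegram host names, the process allowlist and the 120-second window are assumptions, and the log lines are constructed.

```python
import csv
from io import StringIO

# Assumption: Telegram's public web hosts; the page does not say which host was queried.
TELEGRAM_HOSTS = {"t.me", "telegram.me"}
# Assumption: processes expected to open Telegram links on a workstation.
EXPECTED_PROCESSES = {"chrome.exe", "firefox.exe", "msedge.exe", "telegram.exe"}
WINDOW_SECONDS = 120  # how soon after the lookup a follow-on connection counts

# Constructed sample: epoch, host, process, destination host, URL path
SAMPLE_LOG = """\
1600000000,ws-01,chrome.exe,t.me,/somechannel
1600000005,ws-01,chrome.exe,news.example,/index.html
1600000100,ws-02,invoice_viewer.exe,t.me,/blintick
1600000130,ws-02,invoice_viewer.exe,203.0.113.50,/gate
1600000200,ws-03,updater.exe,t.me,/otherchannel
1600000900,ws-03,updater.exe,198.51.100.7,/ping
"""

def parse(log_text):
    for ts, host, proc, dest, path in csv.reader(StringIO(log_text)):
        yield {"ts": int(ts), "host": host, "proc": proc.lower(), "dest": dest.lower(), "path": path}

def find_dead_drop_lookups(log_text, watch_channels=()):
    """Alert on unexpected processes reading a Telegram channel page and list
    new destinations the same process contacted within WINDOW_SECONDS."""
    events = sorted(parse(log_text), key=lambda e: e["ts"])
    alerts = []
    for i, ev in enumerate(events):
        if ev["dest"] not in TELEGRAM_HOSTS or ev["proc"] in EXPECTED_PROCESSES:
            continue
        seen_before = {e["dest"] for e in events[:i] if e["host"] == ev["host"]}
        follow_ups = [
            e["dest"] for e in events[i + 1:]
            if e["host"] == ev["host"] and e["proc"] == ev["proc"]
            and e["ts"] - ev["ts"] <= WINDOW_SECONDS
            and e["dest"] not in TELEGRAM_HOSTS and e["dest"] not in seen_before
        ]
        channel = ev["path"].strip("/").split("/")[0]
        known = channel in watch_channels
        alerts.append({"host": ev["host"], "process": ev["proc"], "channel": channel,
                       "known_channel": known, "follow_up": follow_ups,
                       "severity": "high" if follow_ups or known else "medium"})
    return alerts

if __name__ == "__main__":
    for alert in find_dead_drop_lookups(SAMPLE_LOG, watch_channels={"blintick"}):
        print(alert)
```
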

AveMaria RAT, likewise, is capable of ensuring persistence, recording keystrokes, injecting malicious code, and exfiltrating sensitive files, among others.

Both Vidar and Raccoon are sold as malware-as-a-service (MaaS) on underground forums. The rental price for the Vidar stealer ranges from $250 to $300 per month, whereas Raccoon costs $200 a month to use.

Along with the four waves described above, Group-IB also observed an interim phase between May and September 2020, during which as many as 20 online stores were infected with a modified JS-sniffer of the FakeSecurity family.

Interestingly, the infrastructure used to distribute the Vidar and Raccoon stealers shared similarities with that used to store the sniffer code and collect stolen bank card data, leading the researchers to link the two campaigns.

The development is yet another sign that adversaries are stepping up their efforts to compromise online marketplaces to pilfer customer payment information, even as law enforcement agencies are working to tackle cybercrime.

Earlier this January, Interpol, acting on digital forensic evidence from Group-IB, nabbed three individuals associated with a group called “GetBilling” as part of an operation codenamed Night Fury for running a JS-sniffer campaign in Indonesia.


Credit: The Hacker News By: noreply@blogger.com (Ravie Lakshmanan)
