Racoon Stealer was first spotted in the wild in April of 2019. It’s a Trojan virus that’s relatively simple in its construction, but quite adept at collecting password information and sending it back to whomever launched it.
The Senior Director of Threat Hunting at Cybereason, Assaf Dahan, had this to say about the emerging threat:
“Raccoon, like other information stealers, poses significant risks to individuals and organizations alike. Any malware that is designed to steal passwords and personal information from browsers and mail clients could potentially inflict great damage to its victims.
The stolen data is being sold to the highest bidder in the underground community and can be used in many ways–from identity theft, financial theft or even as an entry vector to penetrate an organization and in order to carry out a larger attack.”
In addition to the general hype created by the marketing campaign, the group behind Raccoon provides its criminal user base with more tools. These include an easy-to-use backend, hosting, and dedicated ’round the clock support, all for $200 a month. The data that this little piece of code can obtain can easily generate high amounts of income for the hacker. That makes it a fantastic investment for the criminal underground, which explains the malware’s explosive growth and spread.
In any case, be sure your IT staff is aware, and be on your guard. It looks like Raccoon is here to stay.