State of the Info Stealers

Info stealers are a type of Trojan that resides on a computer in order to collect information and deliver it to the attacker. These attacks typically target credentials for sites such as financial services and social platforms; they can also steal information from emails, VPN credentials, browser cache, crypto wallets and more. Info stealers can also be seen as keyloggers, designed to reveal sensitive information to the attacker by tracking keystrokes.

Info stealers usually spread through phishing emails, malicious web pages or compromised software. They can use various methods to obtain this sensitive data, including:

1. Form grabbing.
2. Keylogging.
3. Passwords stored on the system, such as in cookies.
4. Web injection scripts that add extra fields to be sent to the attacker.
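
For the web-injection item above, an analyst can compare a page's form as captured on a suspect machine against the known-good version the site serves. This added example (not from the original post) does that in Python; the sample HTML, form id and field names are constructed for illustration.

```python
from html.parser import HTMLParser

class FormFields(HTMLParser):
    """Collect each form's action and the names of its input controls."""
    def __init__(self):
        super().__init__()
        self.forms = {}        # form id -> {"action": str, "fields": set}
        self._current = None   # id of the form currently being parsed

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._current = a.get("id", f"form{len(self.forms)}")
            self.forms[self._current] = {"action": a.get("action", ""), "fields": set()}
        elif tag in ("input", "select", "textarea") and self._current:
            name = a.get("name") or a.get("id")
            if name:
                self.forms[self._current]["fields"].add(name)

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None

def parse_forms(html):
    parser = FormFields()
    parser.feed(html)
    return parser.forms

def diff_forms(baseline_html, observed_html):
    """Return findings where the observed page departs from the baseline."""
    base, seen = parse_forms(baseline_html), parse_forms(observed_html)
    findings = []
    for fid, form in seen.items():
        if fid not in base:
            findings.append(("new_form", fid, form["action"]))
            continue
        for extra in sorted(form["fields"] - base[fid]["fields"]):
            findings.append(("extra_field", fid, extra))
        if form["action"] != base[fid]["action"]:
            findings.append(("action_changed", fid, form["action"]))
    return findings

# Constructed sample pages (not taken from any real site)
BASELINE = '<form id="login" action="/session"><input name="user"><input name="password"></form>'
OBSERVED = ('<form id="login" action="/session"><input name="user"><input name="password">'
            '<input name="card_pin"><input name="mother_maiden_name"></form>')

if __name__ == "__main__":
    print(diff_forms(BASELINE, OBSERVED))
```
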

There are many families of info stealers on the Russian black market, among them Raccoon, Vidar, Redline and Lumma. They promise their customers easy-to-use interfaces, easy deployment in their work environment, ease of exploiting the Trojan on their victims and advanced exfiltration methods so that they cannot be detected. Info stealers can be purchased on the black market at prices ranging from $200 to $700. Some of their characteristics are:

Raccoon

Raccoon has the ability to take screenshots, verify system configurations, obtain operating system information, IP, usernames, passwords, Outlook information and even steal information from cryptocurrency wallets.

Vidar

Vidar has an easy-to-use control panel where the malware can be configured to attack specific victims. The dashboard even allows the operator to obtain user settings, the status of deployed malware and logs. Vidar is capable of stealing cookies, logs, autocomplete information and credit card details.

Avoidance

Be careful when visiting suspicious URLs; browsers can usually give a warning when a page is catalogued as suspicious. Do not open or download files from untrusted sources. These can range from email attachments to pirated software containing info stealers. Keep anti-malware software on hand; it is not 100% reliable, but it is a layer of security that can help protect against simple viruses.

Conclusion

Info stealers can have repercussions on the privacy and integrity of people’s assets, causing data breaches and financial losses. These affect not only people’s personal lives, but also organizations when their data is linked to personal computers.

Emanuelle Jimenez
