Racoon stealer malware suspends its operations due to war on Ukraine

545

Those behind the spread of passwords stealing gang dubbed Racoon Stealer have announced that they are temporarily shutting their operations as they lost a crucial gang member in the invasion of Ukraine.

Details are in that Racoon Stealing malware aka password stealing malicious software was being distributed in a MAAS (malware as a service) service for a price range of $75 to $200 on monthly note. It was being used to steal vital info such as cryptocurrency, wallet details, browser credentials, credit card details and email data.

As the information stealing malware gang lost a crucial member from their group, they shut down the operation to infect machines temporarily.

It is unclear whether the service will be reopened after a specific period. But the members of Racoon stealer have been moved to another gang dubbed Mars Stealer that operates similar to that of Racoon.

Interestingly, several dark web operating gangs that live in Ukraine are finding it difficult to sustain because of the ongoing war with Russia.

Highly placed sources report that since most of the cyber criminals were living in the neighboring nations of the Putin led nation, they are now finding it difficult to make a living and so went into a temporary hiatus.

Meanwhile, US law enforcement agency FBI has issued a formal alert that Triton malware is busy targeting energy firms and has the potential to cause disruption of operations or operate in an unsafe manner.

It is believed that the malware is backed by the Russian Central Scientific Research Institute of Chemistry and Mechanics, a Russian intelligence backed agency and was seen previously targeting companies like Schneider Electric since 2017.

Thence companies operating in energy sector, especially those in the west, are being urged by FBI to rise their defense-line against such malware attacks.

Ad
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display