#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
State of SaaS

Infostealer | Breaking Cybersecurity News | The Hacker News

Category — Infostealer
Inside Raccoon Stealer V2

Inside Raccoon Stealer V2

Nov 02, 2022
Raccoon Stealer is back on the news again. US officials arrested Mark Sokolovsky, one of the malware actors behind this program. In July 2022, after several months of the shutdown, a Raccoon Stealer V2 went viral. Last week, the Department of Justice's press release stated that the malware collected 50 million credentials. This article will give a quick guide to the latest info stealer's version. What is Raccoon infostealer V2? Raccoon Stealer  is a kind of malware that steals various data from an infected computer. It's quite a basic malware, but hackers have made Raccoon popular with excellent service and simple navigation.  In 2019, Raccoon infostealer was one of the most discussed malware. In exchange for $75 per week and $200 per month, cybercriminals sold this simple but versatile info stealer as a MaaS. The malware was successful in attacking a number of systems. In March 2022, however, threat authors ceased to operate.  An updated version of this malware was...
Russian State Hackers Continue to Attack Ukrainian Entities with Infostealer Malware

Russian State Hackers Continue to Attack Ukrainian Entities with Infostealer Malware

Aug 16, 2022
Russian state-sponsored actors are continuing to strike Ukrainian entities with information-stealing malware as part of what's suspected to be an espionage operation. Symantec, a division of Broadcom Software,  attributed  the malicious campaign to a threat actor tracked  Shuckworm , also known as  Actinium ,  Armageddon , Gamaredon, Primitive Bear, and Trident Ursa. The findings have been  corroborated  by the Computer Emergency Response Team of Ukraine (CERT-UA). The threat actor, active since at least 2013, is known for explicitly singling out public and private entities in Ukraine. The attacks have since ratcheted up in the wake of Russia's military invasion in late 2022. The latest set of attacks are said to have commenced on July 15, 2022, and ongoing as recently as August 8, with the infection chains leveraging phishing emails disguised as newsletters and combat orders, ultimately leading to the deployment of a PowerShell stealer malware du...
Product Walkthrough: How Reco Discovers Shadow AI in SaaS

Future-Ready Trust: Learn How to Manage Certificates Like Never Before

WebinarTrust Management / SSL Certificate
Managing digital trust shouldn't feel impossible. Join us to discover how DigiCert ONE transforms certificate management—streamlining trust operations, ensuring compliance, and future-proofing your digital strategy.
New Ducktail Infostealer Malware Targeting Facebook Business and Ad Accounts

New Ducktail Infostealer Malware Targeting Facebook Business and Ad Accounts

Jul 27, 2022
Facebook business and advertising accounts are at the receiving end of an ongoing campaign dubbed  Ducktail  designed to seize control as part of a financially driven cybercriminal operation.  "The threat actor targets individuals and employees that may have access to a Facebook Business account with an information-stealer malware," Finnish cybersecurity company WithSecure (formerly F-Secure Business)  said  in a new report. "The malware is designed to steal browser cookies and take advantage of authenticated Facebook sessions to steal information from the victim's Facebook account and ultimately hijack any Facebook Business account that the victim has sufficient access to." The attacks, attributed to a Vietnamese threat actor, are said to have begun in the latter half of 2021, with primary targets being individuals with managerial, digital marketing, digital media, and human resources roles in companies. The idea is to target employees with high-level acc...
cyber security

Secure Your Azure: Proactive Tips for Cloud Protection

websiteWizCloud Security
Discover how to boost your Azure cloud security with practical steps to help you maintain control and visibility.
A New Jupyter Malware Version is Being Distributed via MSI Installers

A New Jupyter Malware Version is Being Distributed via MSI Installers

Sep 27, 2021
Cybersecurity researchers have charted the evolution of Jupyter, a .NET infostealer known for singling out healthcare and education sectors, which make it exceptional at defeating most endpoint security scanning solutions. The new delivery chain, spotted by  Morphisec  on September 8, underscores that the malware has not just continued to remain active but also showcases "how threat actors continue to develop their attacks to become more efficient and evasive." The Israeli company said it's currently investigating the scale and scope of the attacks. First  documented  in November 2020, Jupyter (aka Solarmarker) is likely Russian in origin and primarily targets Chromium, Firefox, and Chrome browser data, with additional capabilities that allow for full backdoor functionality, including features to siphon information and upload the details to a remote server and download and execute further payloads. Forensic evidence gathered by Morphisec shows that multiple versi...
Expert Insights / Articles Videos
Cybersecurity Resources