Raccoon Malware
Raccoon malware, which harvests information, is gaining popularity with hackers. In a few months, researchers say the malware has already infected hundreds of thousands of devices across the world to go through victims' credit card data and email credentials. Despite being found a few months ago, Raccoon is already one of the top 10 most-mentioned malware in the underground economy right now. The malware is not very sophisticated or innovative, but its malware-as-a-service ( MaaS ) model gives hackers an easy way to make money stealing sensitive data.
Researcher first found Raccoon in April 2019. The malware, written in C++, takes advantage of several delivery methods. These include exploit kits, including Fallout and RIG, as well as phishing attacks and bundled malware. Once installed, Raccoon scours systems for credit card information, cryptocurrency wallets, passwords, emails, cookies, system information and data from popular browsers including saved credit-card info, URLs, usernames and passwords. It then sends that data back to its operator. Raccoon was developed by a team that appears to be from Russia and is Russian speaking. Raccoon was originally sold exclusively in Russian speaking hacking forums, but has spread to English speaking forums as well.
Raccoon malware's popularity is attributed to a variety of reasons. As a MaaS offering, it only costs $200 per month to use, building in features like an automated backend panel, hosting and customer support. Feedback for Raccoon in the underground community is mostly positive. it makes up for the simplicity and lack of features with consistency and an impressive level of service, support and quality user experience.
Raccoon is still under active development, but its popularity, even with a limited feature, points to a growing trend of the commoditization of malware as researchers follow the MaaS model and evolve their efforts.