Wednesday, June 22, 2022

RIG Exploit Kit Now Infects Victims' PCs With Dridex Instead of Raccoon Stealer


The operators behind the Rig Exploit Kit have swapped the Raccoon Stealer malware for the Dridex financial trojan as part of an ongoing campaign that began in January 2022.

The switch in modus operandi, spotted by Romanian firm Bitdefender, comes in the wake of Raccoon Stealer quickly closing the venture after one of its team members responsible for critical operations passed away in the Russo-Ukrainian war in March 2022.

The Rig Exploit Kit is notable for its abuse of browser exploits to distribute an array of malware. First spotted in 2019, Raccoon Stealer is a credential-stealing trojan that is advertised and sold on underground forums as malware-as-a-service (MaaS) for $200 a month.


That said, the Raccoon Stealer actors are already working on a second version that is expected to be “rewritten from scratch and optimized.” But the void left by the malware's exit is being filled by other information stealers such as RedLine Stealer and Vidar.

Dridex (aka Bugat and Cridex), for its part, has the capability to download additional payloads, infiltrate browsers to steal customer login information entered on banking websites, capture screenshots, and log keystrokes, among others, through different modules that allow its functionality to be extended at will.


In April 2022, Bitdefender found another Rig Exploit Kit campaign distributing the RedLine Stealer trojan by exploiting an Internet Explorer flaw patched by Microsoft last year (CVE-2021-26411).


That's not all. Last May, a separate campaign exploited two scripting engine vulnerabilities in unpatched Internet Explorer browsers (CVE-2019-0752 and CVE-2018-8174) to deliver a malware called WastedLoader, so named for its similarities to WastedLocker but lacking the ransomware component.

“This once again demonstrates that threat actors are agile and quick to adapt to change,” the cybersecurity firm said. “By design, Rig Exploit Kit allows for rapid substitution of payloads in case of detection or compromise, which helps cybercriminal groups recover from disruption or environmental adjustments.”


