密碼竊賊RedLine Stealer繼續喺地球上凱旋而歸

Bitdefender information security company specialist spoke about the campaign discovered at the beginning of this year to distribute the RedLine Stealer password thief.

The vast majority of stolen credentials sold on two large underground darknet marketplaces are collected using the RedLine Stealer 惡意軟件.Insikt Group experts recently said.

This month alone, cybercriminals carried out 10,000 attacks in more than 150 countries and regions around the world, including the United States, Germany, Egypt, China, and Canada. 然而, the actual number of attacks may be higher, as the experts only took into account the number of notifications from Bitdefender’s security solutions.

By the way, we also talked about this malware in the article: RedLine Stealer malware is the main source of credentials in two major marketplaces.

RedLine Stealer is a password stealing software that can be bought on hacker forums at a very low price. During the campaign detected by Bitdefender, malware is distributed using the RIG Exploit Kit through the CVE-2021-26411 vulnerability in Internet Explorer.

Judging by the number of countries attacked, the infostealer is not geared towards attacks on any particular country.

When executed on the attacked system, RedLine Stealer searches for usernames, as well as information about hardware, installed browsers and antivirus solutions, and extracts data such as passwords, saved bank card data, cryptocurrency wallets, credentials for VPN services, 等.

When executed, RedLine Stealer performs recon against the target system (including username, hardware, browsers installed, anti-virus software) and then exfiltrates data (including passwords, saved credit cards, crypto wallets, VPN logins) to a remote command and control server.Bitdefender specialits say.

密碼竊賊RedLine Stealer
Data stolen by RedLine Stealer

With RedLine Stealer, hackers can extract credentials from browsers, FTP clients, email apps, instant messengers, and VPN services, and sell them on the dark web.

Stolen corporate data such as user credentials regularly ends up on paste sites and dark web channels, allowing cybercriminals to purchase the data, and potentially use it to gain access to an organization’s network or systems.the researchers say and advise users be stricter about data security.

黑尔加·史密斯

我一直對電腦科學感興趣, 尤其是數據安全和主題, 而家被稱為 "數據科學", 由我十幾歲開始. 在進入病毒清除團隊擔任主編之前, 我曾喺多傢公司擔任網絡安全專家, 包括亞馬遜嘅承包商之一. 另一種體驗: 我在雅頓大學同雷丁大學任教.

留言

本網站使用Akismet嚟減垃圾郵件. 瞭解如何處理評論數據.

“返回頂部”按鈕