Payment Card Skimmer Group Using Raccoon Info-Stealer to Siphon Off Data

2020-12-07 04:48

A cybercrime group known for targeting e-commerce websites unleashed a "Multi-stage malicious campaign" earlier this year designed with an intent to distribute information stealers and JavaScript-based payment skimmers.

The ultimate goal of the attack, the researchers noted, was to steal payment and user data via several attack vectors and tools to deliver the malware.

While the first wave of the campaign in February and March delivered the Vidar password stealer to intercept passwords from user browsers and various applications, subsequent iterations switched to the Raccoon stealer and AveMaria RAT to meet its objectives.

Raccoon, first documented by Cybereason last year, comes with a wide range of capabilities and communicates with a command-and-control server to siphon data - including screenshots, credit card information, cryptocurrency wallets, stored browser passwords, emails, and system details.

Interestingly, the infrastructure used to distribute the Vidar and Raccoon stealers shared similarities with those used to store the sniffer code and collect stolen bank card data, leading the researchers to link the two campaigns.

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/X4mYQ76sv48/payment-card-skimmer-group-using.html

#payment #paymentcard #skimmer

News URL

Related news