Security News > 2022 > January > New RedLine malware version spread as fake Omicron stat counter

A new variant of the RedLine info-stealer is distributed via emails using a fake COVID-19 Omicron stat counter app as a lure.
RedLine is a widespread commodity malware sold to cyber-criminals for a couple of hundred USD. It supplies dark web markets with over half of the stolen user credentials sold to other threat actors.
RedLine targets user account credentials stored in the browser, VPN passwords, credit card details, cookies, IM content, FTP credentials, cryptocurrency wallet data, and system information.
The most recent variant was spotted by analysts at Fortinet, who noticed several new features and improvements on top of its existing information-stealing functionality.
The additional apps targeted by the new RedLine variant are the Opera GX web browser, OpenVPN, and ProtonVPN. Previous versions of RedLine targeted regular Opera, but GX is a special "gamer-focused" edition that is growing in popularity.
As this is a new version of RedLine, we will likely see other threat actors adopt its use soon.