Security News > 2022 > March > New BlackGuard password-stealing malware sold on hacker forums

A new information-stealing malware named BlackGuard is winning the attention of the cybercrime community, now sold on numerous darknet markets and forums for a lifetime price of $700 or a subscription of $200 per month.
BlackGuard's evasion capabilities are still under heavy development, but some systems are already in place to help the malware escape detection and analysis.
Finally, an anti-debug feature blocks the operation of the mouse and keyboard inputs, making it further difficult for researchers to analyze the malware.
"Given the increase in usage and exploitation of compromised accounts and data obtained by information stealers as a vector for initial access to a target, KELA has recently observed new variants being advertised on cybercrime forums, as threat actors aim at improving the malware capabilities to better avoid detection and to advance the data collection and exfiltration processes."
"In a different scenario, KELA identified META - a new information stealer very similar in appearance to RedLine, whose collected data is being sold on the TwoEasy botnet marketplace. The stealer was launched at the beginning of March, now sold for USD125 per month or USD1000 for unlimited use, and the operators claim that it is an improved version of RedLine."
An open source advocate and Linux enthusiast, is currently finding pleasure in following hacks, malware campaigns, and data breach incidents, as well as by exploring the intricate ways through which tech is swiftly transforming our lives.
News URL
Related news
- Chinese FamousSparrow hackers deploy upgraded malware in attacks (source)
- North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages (source)
- Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool (source)
- State-Sponsored Hackers Weaponize ClickFix Tactic in Targeted Malware Campaigns (source)
- Chinese hackers target Russian govt with upgraded RAT malware (source)
- Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery (source)
- Iran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job Campaign (source)
- North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures (source)
- Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware (source)
- Russian Hackers Using ClickFix Fake CAPTCHA to Deploy New LOSTKEYS Malware (source)