Security News > 2022 > April > New ZingoStealer infostealer drops more malware, cryptominers
A new information-stealing malware called ZingoStealer has been discovered with powerful data-stealing features and the ability to load additional payloads or mine Monero.
The new malware was created and released for free by a group of threat actors named the "Haskers Gang," who recently attempted to sell its source code for $500. Soon after researchers at Cisco Talos spotted that offering, ZingoStealer changed hands and was transferred to a new threat actor who will undertake the development effort.
The simple solution to cover this gap in features is to have ZingoStealer deploy RedLine Stealer, which in fact, is its most frequently deployed second-stage payload. ZingoStealer performs a geolocation check to ensure the victim isn't located in a CIS country, as it's predominately used by Russian-speaking actors, and then requests a list of URLs for the retrieval and execution of more payloads.
In addition to the above, ZingoStealer also features the XMRig cryptocurrency mining malware to use the victim's computer for direct financial profit.
ZingoStealer is new, and its future is uncertain and volatile, but the fact that hackers can grab it for free and deploy it without limitations makes it a candidate for becoming a prevalent threat.
The competition in the field is now fierce as the information-stealer malware space has become quite crowded lately, but if the new owners prove themselves capable, ZingoStealer will continue to grow.