Security News > 2022 > June > RIG Exploit Kit Now Infects Victims' PCs With Dridex Instead of Raccoon Stealer

RIG Exploit Kit Now Infects Victims' PCs With Dridex Instead of Raccoon Stealer
2022-06-21 22:41

The operators behind the Rig Exploit Kit have swapped the Raccoon Stealer malware for the Dridex financial trojan as part of an ongoing campaign that commenced in January 2022.

The switch in modus operandi, spotted by Romanian company Bitdefender, comes in the wake of Raccoon Stealer temporarily closing the project after one of its team members responsible for critical operations passed away in the Russo-Ukrainian war in March 2022.

The Rig Exploit Kit is notable for its abuse of browser exploits to distribute an array of malware.

First spotted in 2019, Raccoon Stealer is a credential-stealing trojan that's advertised and sold on underground forums as a malware-as-a-service for $200 a month.

That said, the Raccoon Stealer actors are already working on a second version that's expected to be "Rewritten from scratch and optimized." But the void left by the malware's exit is being filled by other information stealers such as RedLine Stealer and Vidar.

In April 2022, Bitdefender discovered another Rig Exploit Kit campaign distributing the RedLine Stealer trojan by exploiting an Internet Explorer flaw patched by Microsoft last year.


News URL

https://thehackernews.com/2022/06/rig-exploit-kit-now-infects-victims-pcs.html