Security News > 2024 > February > Ransomware gangs are paying attention to infostealers, so why aren't you?

There appears to be an uptick in interest among cybercriminals in infostealers - malware designed to swipe online account passwords, financial info, and other sensitive data from infected PCs - as a relatively cheap and easy way to get a foothold in organizations' IT environments to deploy devastating ransomware.

If ransomware crews don't want to deploy infostealers themselves, they have the option of paying for copies of credentials harvested from countless infected PCs and exploiting them to get into networks where they can run their extortionware, which might exfiltrate documents, encrypt data, demand a ransom to end the pain, and so on.

We'd even be willing to put money on ransomware crews making use of infostealers, one way or another, for some time already, and it's only now that cybersecurity analysts are highlighting the growing approach.

Even the prolific SIM-swappers-turned-extortionists group Scattered Spider has been known to obtain initial access into victim organizations' environments via infostealers such as RedLine, according to Kimberly Goody, Mandiant's head of cybercrime analysis.

While ransomware gangs and other criminal organizations are paying attention, according to security researchers, corporations still aren't giving infostealers the attention that they should.

X-Force also noted a trend of ransomware groups pivoting to infostealers last year, and says this suggests that stolen credentials have become the preferred method to gain initial access.

News URL

https://go.theregister.com/feed/www.theregister.com/2024/02/29/infostealers_increased_use/