Have you ever heard of “Raccoon Stealer?” No, it’s not a cartoon character. It’s a virus that was taken down by the FBI – but has recently returned.
“Racoon Stealer” swipes data from over 60 applications. This data includes passwords, browser histories, and credit card numbers.
Not only does it have such a broad reach, but this tool has now been made available to other cybercriminals. For $200 a month, any criminal can gain access to this tool, which provides more advanced ways to target and steal invaluable information.
In 2022, the leading developer of the Raccoon Stealer malware was arrested, and the FBI took the malware down. They found over 50 million credentials had been stolen, including banking information and cryptocurrency addresses. The FBI also set up a website to help those whose information had been stolen.
However, it has recently become clear that the Raccoon Stealer malware is still out there – and is now running an updated version, Raccoon 2.3.0. Its new features include the following:
Rapid retrieval of stolen data:
In the past, a stumbling-block for cybercriminals was sifting through over 50 million credentials in order to use the data to their advantage. With this updated version, criminals can quickly locate specific stolen data to reap profits from it.
Stealth measures:
The malware can now detect the potential presence of security bots. If it thinks they are likely active, it deletes the records of its presence.
What can you do to keep your data safe in the face of perpetually-advancing malware?
Ensure that you have implemented the following measures:
Don’t save your passwords in a browser:
As mentioned, malware like Raccoon stealer can very easily swipe passwords and other information stored in-browser. When a box pops up asking whether you would like to save your login info, select “Never.”
Add two-factor authentication:
In the event that a password is stolen, having a message go to your phone or other device will immediately alert you if anyone besides yourself is trying to use your credentials. Of course, you’ll need to keep your phone or other device secure as well!
Increase password strength:
A dictionary attack can discover a simple password using a whole word. Instead, aim for maximum randomness, including numbers and special characters for the strongest password possible.