Phishing campaign distributes password-stealing malware

RedLine Stealer is available as Malware-as-a-Service. The malware also steals other personal data such as cookies and chat logs. It is distributed via bulk spam emails.

A mass phishing campaign targets Windows PCs and is said to deliver malware capable of stealing usernames, passwords, credit card details and the contents of cryptocurrency wallets. Bitdefender cybersecurity researchers have found that the malware, dubbed RedLine Stealer, is offered as malware-as-a-service, which even less-experienced cybercriminals can use to steal many different types of sensitive personal information for as little as $150.

The malware first appeared in 2020. Since April it has been distributed in a mass spam campaign. The phishing emails contain a malicious attachment which, if executed, will trigger the installation of the malware. The victims are mainly located in North America and Europe.

RedLine Stealer exploits CVE-2021-26411, a vulnerability in Internet Explorer. The vulnerability was announced and patched last year, so the malware can only infect users who have not yet installed the security update.

Chat logs and VPN credentials are also at risk

Once executed, RedLine Stealer performs an initial check of the target system, looking for information such as usernames, installed browsers, and installed antivirus software. It then reads passwords, cookies and credit card data stored in browsers, as well as crypto wallets, chat logs, VPN login information and text from files.

RedLine is available on underground marketplaces, where the software can be leased for as little as $100. A “lifetime” subscription costs $800.
