This well-known infostealer is back with upgraded malware

Petya nagscreen
(Image credit: Wikipedia)

The hugely popular infostealer known as Raccoon is back, as its adoptive developers demonstrate new features to the underground hacking community. 

According to BleepingComputer, cybersecurity researchers recently discovered a new ad on hacking forums, promoting version 2.3.0 of the infamous malware. It comes with a couple of improvements, which the team worked “tirelessly” to bring to the hacking community. 

As per the post, the new features were designed based on “customer feedback”, requests, and cybercrime trends, and should provide a better user experience with more privacy from researchers and law enforcement.


Raccoon Stealer version 2.3.0 has a new search function hackers can use to look for stolen credentials, a new tool to counter “suspicious activity” by deleting all records, and a reporting system that identifies and blocks IP addresses used by crawlers and bots. There is also a new Log Stats panel which gives users a holistic overview of their operations.

In its prime, Raccoon Stealer was one of the most popular infostealing malware variants out there, but it was shut down following an FBI raid late last year. During the raid, the infostealer’s developer, Mark Sokolovsky, was arrested in the Netherlands, while the infrastructure was shut down. 

Raccoon Stealer was an infostealer-as-a-service, which hackers could rent for $200 a month. It is capable of stealing information from more than 60 applications. It mostly targeted login credentials, credit card information, crypto wallets, and similar data. 

Besides the obvious - not getting infected by malware - there are a few other things that can be done to safeguard one’s data, including not storing important information in the browser, and using multi-factor authentication (MFA) whenever possible, preferably via one of the best authenticator apps. Instead of saving data in the browser, IT security experts recommend using third-party password managers instead.

Via: BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.