
Russia-Ukraine war suspends Raccoon Stealer malware operations

BleepingComputer reports that the Raccoon Stealer malware developer group has suspended operations following the death of one of its core developers amid Russia's invasion of Ukraine. In posts on Russian-speaking cybercrime forums on Friday, the group behind Raccoon Stealer noted that the developer's death during the "special operation" meant the stealer's operations were no longer possible. However, the threat actors confirmed their plans to reconstruct the lost components and relaunch in the coming months. In the meantime, threat actors will be transitioning to the similar Mars Stealer operation, according to security researcher 3xport, who discovered the hacking forum posts. Another post indicated an overwhelming surge of requests at 'MarsTeam' since Raccoon's announcement, with 3xport warning about a surge of Mars Stealer hacking campaigns. Russia's invasion of Ukraine has prompted a significant movement among cybercrime actors, with a former Maze ransomware operation representative issuing the master decryptor for previous victims, as well as the exposure of the Conti ransomware group's internal chats and source code after the group had sided with Russia.
