has reemerged with an updated malware version just three months after the operation had shut down after the death of one of its lead developers amid the Russian invasion of Ukraine, reports BleepingComputer
Hacking forums have been promoting Raccoon Stealer 2.0, a ground-up version based on the C/C++ programming language that includes novel front-end, back-end, and code for credential and data theft, according to a report from Sekoia. The new Raccoon Stealer could compromise both 32- and 64-bit systems without the need for dependencies to retrieve legitimate DLLs from its command-and-control servers. Aside from stealing basic system fingerprinting data and browser-stored information, the updated Raccoon Stealer could also exfiltrate cryptocurrency wallets and web browser extensions, individual files, and installed applications lists, as well as capture screenshots.
"We expect a resurgence of Raccoon Stealer v2, as developers implemented a version tailored to the needs of cybercriminals (efficiency, performance, stealing capabilities, etc.) and scaled their backbone servers to handle large loads," said researchers.