Raccoon Infostealer was born in April 2019 as a Malware As a Service (MaaS), immediately establishing itself as one of the most widespread and efficient malware infostealers around; a malicious software that infects computers and steals personal information, including e-mail addresses, identification numbers, bank account information, and cryptocurrency information.
The most common methods used by this malware to collect data are:
• Keylogging: This technique records keyboard activity: whatever words are typed (thus including passwords) are stored within a log file.
• Screen capturing: The Infostealer can record screenshots or screenshots of user activity, including sensitive data displayed on the screen.
• Credential stealing: The Infostealer can steal login data stored in browsers or in applications saved on a device.
• Memory scraping: This technique aims to retrieve sensitive data from processes running in system memory.
Here is a careful analysis by Swascan’s team of experts, which focused on the configuration and operation of the raccoon.biz portal and the “Raccoon” Infostealer malware.