The market for information-stealing malware is constantly evolving as various malware operations strive to attract cybercriminal customers by offering improved evasion techniques and enhanced capabilities for stealing data. These specialized malware, known as information stealers, are designed to surreptitiously gather sensitive information like passwords, cookies, credit card details, and cryptocurrency wallet data from compromised systems. The stolen data is then compiled into logs, which are either used for further attacks or sold on underground marketplaces. A recent report from cybersecurity intelligence firm KELA highlights a notable increase in the number of variants and malware-as-a-service (MaaS) operations during the first quarter of 2023, posing heightened risks to both organizations and individuals. The report specifically focuses on emerging information stealers like Titan, LummaC2, WhiteSnake, and others, which have gained popularity among threat actors. Established strains like RedLine, Raccoon, and Vidar continue to remain prominent, but newer families such as Aurora, Mars, and Meta are also on the rise. The competitive pricing of these new information stealers, some as low as $120 per month, has significantly reduced the entry barrier for cybercriminals, contributing to the sustained popularity of the Malware-as-a-Service market and the widespread use of information stealers.
Relevant URL: https://www.bleepingcomputer.com/news/security/the-new-info-stealing-malware-operations-to-watch-out-for/
