8/31/2023

Redline cleaner

Although security analysts have only recently seen the RedLine Stealer gaining traction on Russian underground hacking forums, that is hardly where RedLine originated. The first officially observed RedLine Stealer infections came from a spam email campaign. Encompassing thousands of emails, the campaign sought to infect recipients by getting them to click an embedded URL that delivered the RedLine payload.

Each email reportedly came from a "Shannon Wilson" who claimed to work for Mobility Research Inc, a company providing rehabilitation solutions for physically disabled patients. The subject line usually ran along the lines of "Please help us with Fighting corona-virus," and the message urged recipients to help the company find a cure for Covid-19 by enrolling in a distributed-computing program named in the email. For the record, Mobility Research does have a project of that kind, which allows participants to donate computing power for disease research and computational drug design by downloading a particular app.

The seller has gone to great lengths to provide a detailed overview of what RedLine offers to those willing to pay for the tool. The advertised pricing includes a subscription-based service at $100.00 per month.

According to the seller, the malware harvests saved data from Google Chrome, Mozilla Firefox, Torch, Vivaldi, Opera, Yandex and all other Chromium-based browsers, as well as from FTP and instant-messaging clients. The haul includes login credentials and credit card details, along with extensive system information: IP address, location, operating system, keyboard layout, and directory names or file extensions. RedLine can be configured to operate only in certain countries while blacklisting others. A feature added later reportedly allows RedLine to empty cryptocurrency wallets, too.

The RedLine Stealer communicates with a remote command-and-control server through a dedicated WSDL-described web service. From that server, the operators can search the harvested logs, download them, run tasks on infected hosts, and export whatever data they want. After a thorough analysis of the RedLine Stealer, security researchers have confirmed that the tool's wide-ranging capabilities are as real as they get. Combined with its relatively low asking price, those features make RedLine a highly severe threat.