Raccoon Malware: The Not So Cute Threat To Personal Information

Cyberthieves are always on the hunt for the next tool they can use to infiltrate networks to steal data and sensitive personal information. Cybercrime is responsible for billions in losses to companies, not to mention the customers who become victims due to stolen data.

One of the latest threats is called Raccoon Malware and it’s something your IT department needs to know about. We take a look at this new social media scam, how it works, and what you can do to protect your organization’s sensitive data.

What Is Raccoon Malware?

Raccoon Malware is one of the new types of Internet scams, which is designed to steal personal financial information. Sometimes called “Raccoon Stealer”, “Mohazo” or “Racealer”, it first started popping up in early 2019.

It’s not as sophisticated as other forms of malware, but it can be just as damaging. It’s also growing in popularity among hackers on the Dark Web because it is cheap to buy and easy to set up and use.

It’s written in C++ and works on 32-bit and 64-bit operating systems.

Racoon malware targets:

  • Credit card numbers
  • Cryptocurrency wallets
  • Passwords
  • Email login information
  • Data from all popular browsers
  • Cookies
  • System information

Essentially, Raccoon searches files for sensitive data. Once the financial information has been mined, it gets sent back to the originator. 

How is Raccoon Malware Deployed?

Like other types of malware, Raccoon is usually deployed through exploit kits and phishing email attacks. Often an infected Word document is attached. It can also be bundled with other malware.

Even though it’s not as sophisticated as other types of malware, it is a big threat simply because it is easy to deploy. The creators of Raccoon malware even provide 24/7 “customer” support.

How Can You Prevent Raccoon Malware?

You can help prevent an attack by using security software patches. It’s also a good idea to provide ongoing education and reminders to employees, third-party vendors, and anyone with access to your network.

13 ways to protect against malware attacks:

  1. Update operating systems, browsers, and plugins.
  2. Enable click-to-play plugins.
  3. Never click on an email if you don’t recognize the source.
  4. Check the sender address/URL to make sure the email looks legitimate.
  5. Be alert to awkward language, spelling and grammar issues in emails.
  6. Be careful about clicking on any attachment in an email.
  7. Understand that organizations like the IRS will NEVER contact you by email.
  8. Don’t call fake tech support phone numbers.
  9. Be wary of cold callers that ask for your information.
  10. Don’t download software, plugins, or music/data from unauthorized websites.
  11. Use strong passwords/password manager.
  12. Only use secure connections and websites. (Look for the padlock icon next to the URL!)
  13. Install firewalls, anti-malware, and anti-ransomware technology.

Being aware of the information threat risks will help reduce the chances that you or an employee will unwittingly unleash malware into your system.

Beware of the Not So Cute Threat To Your Network

There are many ways cyber thieves can pose a threat to your network. Raccoon malware is just one of the latest tools in their arsenal. If you’re not careful, Raccoon can steal sensitive financial information.

Learn more about other common cybersecurity schemes on our blog. We can also help protect your network with comprehensive security solutions to stop malicious activity before it affects you.