Dangerous info-stealer malware is being peddled on the dark web as "malware-as-a-service". Learn how these info-stealers can compromise your system and how to protect yourself.

In the wake of the Russian invasion of Ukraine, hackers are deploying new info-stealing malware against Ukrainian and Western targets.

DUBLIN, April 29, 2022 /PRNewswire/ -- Cyclonis Limited and its research partners track the development of cyber attacks including info-stealing malware threats like Raccoon Stealer and have compiled effective ways to help you protect yourself from attacks. Russia's invasion of Ukraine has brought a heavy wave of new info-stealer malware infections in its wake. Since hostilities broke out, Russian-backed hackers using phishing emails and malware to gain access to both government and individual computer systems have increased, and Russian-linked cyber attacks are expected to remain a constant worldwide threat for the foreseeable future. 

Dangerous Info-Stealer Malware Threatens Users Globally

In the wake of the Russian invasion of Ukraine, numerous highly dangerous info-stealer malware infections have emerged. Info-stealers are designed to infiltrate computers without user knowledge or consent. Once installed, these threats steal users' highly sensitive information, including banking passwords, crypto wallet IDs and passphrases, and credit card information, and transmit the stolen data to cybercriminal hacker groups. Stolen data can be used by cybercriminals to perpetuate identity theft, commit fraud and compromise additional computer systems without the user's knowledge. In an alarming trend, info-stealers are increasingly offered as "malware-as-a-service", providing a turn-key solution for novice cybercriminals to get into the cybercrime game.  

BlackGuard is a password-stealing malware threat that is offered on the dark net as "malware-as-a-service" priced as low as $200/month, according to some reports. It is designed to infiltrate all major web browsers, in addition to Outlook, Telegram, Discord, and several cryptocurrency wallets. BlackGuard's focus is to steal and exfiltrate passwords and other sensitive information from the affected apps. BlackGuard is specifically programmed to geo-target certain regions and countries. Tellingly, BlackGuard has been found to generally avoid affecting systems located in many Russia-aligned CIS countries, including Russia, Belarus, Azerbaijan, and Uzbekistan.

GhostWriter APT is an alleged Belarus-backed hacker group that has used spear-phishing attacks in combination with the Cobalt Strike Beacon malware to attack Ukrainian state entities and other high-profile targets. GhostWriter APT was first identified in March 2017 and has since been reported to have engaged in multiple anti-NATO disinformation campaigns.

Mars Stealer is an info-stealer based on Oski Stealer, a previously released info-stealer threat. Mars Stealer is similar to Racoon Stealer, a similar info-stealer that reportedly suspended operations when one of its main developers died amid Russia's invasion of Ukraine. Experts have suggested that threat actors previously associated with Racoon Stealer are behind Mars Stealer. Mars Stealer is available on the dark web at a minimal cost as "malware-as-a-service" and requires little hacker expertise to weaponize. Rogue operators have employed a variety of tricks to infect users, including utilizing hacked Google Ads accounts to impersonate official websites offering OpenOffice and other popular downloads. Once it is installed on a system, Mars Stealer attempts to steal browser-stored data, including credit card information and stored usernames and passwords, and sends this compromised data to the hackers. 

To find out more about the ongoing cyber attacks against Ukraine, visit https://www.cyclonis.com/cyber-war-ukraine-russia-flares-up-invasion-continues/.

How to Protect Yourself Against Info-Stealing Malware

Users can follow these guidelines to help to prevent info-stealing malware attacks and help increase online security:

• Be extremely careful, even when downloading and installing reputable and popular software. Always verify that you are downloading directly from the source and not from questionable third-party software sharing pages or unfamiliar sites.
  
  
• Protect your computer from potential cyber attacks with a powerful anti-malware program like SpyHunter.
  
  
• Stay alert. Don't click unknown email attachments, website links or online ads because they may lead to malicious sites or install unwanted software without your knowledge.
  
  
• Keep your software up-to-date. Experts often recommend turning on automatic software updates where available.
  
  
• Use strong passwords that are unique and hard to guess. To help keep track of all your passwords in one central place, use a reputable password manager like Cyclonis Password Manager.
• Backup your data. Consider using a reliable cloud storage backup program like Cyclonis Backup to protect your important files. 

About Cyclonis Limited

An Irish company headquartered in Dublin, Cyclonis Limited designs and develops desktop, mobile, and cloud-enabled software products focused on simplifying data organization and management. Our applications aim to streamline the process of organizing the increasing volumes of information regular computer users deal with every day.

Connect with Cyclonis Ltd. on Twitter | Facebook | LinkedIn | YouTube

SOURCE: Cyclonis Limited

View original content to download multimedia:https://www.prnewswire.com/news-releases/russian-hackers-deploy-info-stealing-malware-against-ukraine-cyclonis-limited-provides-key-steps-to-protect-yourself-now-301536029.html

SOURCE Cyclonis Limited