This is a data-stealing Trojan. The new malware “RisePro” was discovered and tracked down by analysts at Flashpoint and Sekoia, as reported by the online magazine Bleeping Computer.
RisePro is a previously undocumented piece of malicious code that steals information. According to the security specialists, this malware is designed to help attackers steal credit cards, passwords and crypto wallets from infected devices.
The data thief finds victims using a classic lure: the cyber criminals advertise fake software cracks and key generators on other sites. In doing so, they trap inexperienced users who want to obtain software for free.
Looking for passwords
Anyone who then clicks on a download link to what appears to be crack software gets the data thief onto their PC and sets the disaster in motion themselves. RisePro starts reading data from a wide variety of applications on the PC, such as browsers and their extensions, in order to get passwords that can be used to empty crypto wallets, among other things. Flashpoint reports that threat actors have already started selling thousands of RisePro logs, the data packages stolen from infected devices, on Russian dark web markets.
In addition, strong similarities to the malware-as-a-service offering PrivateLoader were discovered. PrivateLoader also works with similar lures. Flashpoint therefore suspects that the data thief RisePro belongs to PrivateLoader.