Search This Blog

Powered by Blogger.

Blog Archive

Labels

Russian hacker created the RedLine program, which steals passwords and bank card data in browsers

The program, as well as stolen data, is sold on the darknet and Telegram.

The RedLine malware attacks browsers based on the Chromium engine — Chrome, Edge, Yandex.Browser and Opera, as well as on the basis of the Gecko engine - Mozilla Firefox and Netscape. RedLine steals saved passwords, bank card data, information about cryptocurrency wallets, cookies, system information, and other information from browsers.

Further, experiments showed that the program collects any sensitive information stored in browsers, and in addition allows you to control the computers of victims via the SOAP remote access protocol and hypothetically create botnets from them. The problem affects not only companies but also ordinary users.

The RedLine program appeared on the Russian darknet in February 2020. The announcement of its sale was posted by a Russian-speaking user with the nickname REDGlade.

The AhnLab ASEC report calls RedLine a serious cyber threat. ASEC discovered the program in 2021 when they were investigating the hacking of the network of an unnamed company. It turned out that access was carried out through a VPN service from an employee's computer infected with RedLine.

Attackers sell malware on the darknet and telegram for an average of $150-200. RedLine is distributed using phishing mailings with attached files in the format .doc, .xls, .rar, .exe. It is also uploaded to domains that disguise themselves as an online casino or, for example, the website of the Krupskaya Confectionery Factory.

It is worth noting that in December 2021, RedLine became the most popular program used in cyber attacks. Since the beginning of the month, more than 22 thousand attacks have been carried out with the help of RedLine.

Experts urged not to store credentials in browsers, suggesting instead to use a password manager and enable two-factor authentication wherever possible.

Share it:

Bank Cyber Security

Cyber Crime

Cyber Crime Report

Dark Web Monitoring

Darkweb

Russian Hackers