Multiple Malware Being Sold on Darkweb Forums


Researchers have recently discovered a new threat group, PureCoder, that is apparently selling numerous malware tools on the dark web. Its listings include miners, information stealers, and crypters, which threat actors use in their campaigns.

Spread of PureLogs/PureCrypt 

Two of the most efficiently advertised malware products sold by PureCoder are PureLogs and PureCrypt.

The threat actors have also posted details of this malware on cybercrime forums to attract customers.

PureLogs and PureCrypt

  • PureLogs: A malicious .NET program created to steal data from browsers, crypto wallets, and other applications. Reportedly, it is being sold at $99 for a one-year subscription.
  • PureCrypter: This malware distributes multiple RATs and stealers. It is being sold for $59 for a one-month subscription and $245 for a lifetime subscription.

Used by Other Threat Groups 

Most recently, the Italian cybersecurity company TG Soft discovered that the PureLogs information stealer was being used by Alibaba2044 threat actors to launch a spam campaign targeting Italian online users.

  • Fraudulent emails carried a link that was used to download the password-protected zip file.
  • The email contained a cabinet file that was disguised as a batch file and contained a malicious executable and the password to open the file. 
  • Once a targeted victim opens the batch file, the PureLogs stealer is executed on their system.
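
A defender can triage downloads and attachments for the two traits of this delivery chain: a script extension on a file with a binary container header, and a zip whose members are password-protected. The following is an added example, not code from the original post or from TG Soft; the function names, file names and sample bytes are constructed for illustration.

```python
import io
import zipfile
from pathlib import PurePath

# File signatures (magic bytes) for the container types named in the campaign.
MAGIC = {b"MSCF": "cab", b"PK\x03\x04": "zip", b"MZ": "pe"}
# Extensions run as plain-text scripts, so a binary header under them is a red flag.
SCRIPT_EXTS = {".bat", ".cmd"}


def sniff(data: bytes) -> str:
    """Return the container type implied by the leading bytes, or 'unknown'."""
    for magic, kind in MAGIC.items():
        if data.startswith(magic):
            return kind
    return "unknown"


def triage(name: str, data: bytes) -> list[str]:
    """Return findings for one downloaded file or mail attachment."""
    findings = []
    kind = sniff(data)
    ext = PurePath(name).suffix.lower()
    if ext in SCRIPT_EXTS and kind != "unknown":
        findings.append(f"{ext} file has {kind} header (type masquerading)")
    if kind == "zip":
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                # Flag bit 0 marks an encrypted member that scanners cannot open.
                if any(i.flag_bits & 0x1 for i in zf.infolist()):
                    findings.append("zip has password-protected members")
        except zipfile.BadZipFile:
            findings.append("zip header but unreadable archive")
    return findings


def make_encrypted_zip() -> bytes:
    """Constructed sample: a one-member zip with the encrypted bit set by hand."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.bat", "constructed")
    raw = bytearray(buf.getvalue())
    raw[raw.rfind(b"PK\x01\x02") + 8] |= 0x1  # central-directory flag field
    return bytes(raw)


if __name__ == "__main__":  # constructed inputs, not campaign samples
    for name, blob in (("invoice.bat", b"MSCF" + bytes(32)), ("documents.zip", make_encrypted_zip())):
        print(name, triage(name, blob))
```

A finding here is a reason to quarantine the file for analysis rather than proof of malice, since password-protected archives also have legitimate uses.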

Various Tools on Offer 

Moreover, the PureCoder group is offering various additional malicious software besides PureLogs and PureCrypter, such as: 

  • PureMiner: The cost of the tool is $99 for a year of access and $199 for lifetime access. It functions as a covert, stealthy, and silent miner. 
  • BlueLoader: A significant number of bots are managed by the BlueLoader botnet, which may be purchased for $99 for a year or $199 for a lifetime. 
  • PureHVNC: A hidden stealth VNC to control systems, sold for one-year use at $99. 

Easy and affordable access to such malicious tools is a serious matter of concern to online users. As a precautionary measure, users are advised to avoid opening suspicious links and email attachments. They should also use reliable anti-malware and Internet security software.