Raccoon Stealer 2.0 (Deprecated) (7046193b-96c2-462b-9ba1-ea39a938e8e9)
We are no longer maintaining this object in favor of a similar object subsequently published by MITRE: "Raccoon Stealer" (Software). All relevant Tidal content extensions (e.g. additional Technique and Object relationships and metadata) have been added to the MITRE-authored object.
Raccoon Stealer is one of the most heavily used information & credential stealers (""infostealers"") in recent years. The ""2.0"" version of Raccoon Stealer was observed in mid-2022, featuring new capabilities designed to improve its stealth.[Sekoia.io Raccoon Stealer June 28 2022] Raccoon Stealer is licensed as a service, and like many other modern infostealer families, the relatively low cost of a Raccoon Stealer subscription (around $75 for weeklong access) contributes to the malware's popularity. Victim credentials acquired via Raccoon Stealer are often resold on illicit, automated marketplaces on the dark web.
More details on the shifting infostealer landscape, the rising threat posed by infostealers to large and small organizations, and defending against top infostealer TTPs can be found in the Tidal Cyber blog series: Part 1 (https://www.tidalcyber.com/blog/big-game-stealing-part-1-the-infostealer-landscape-rising-infostealer-threats-to-businesses-w), Part 2 (https://www.tidalcyber.com/blog/big-game-stealing-part-2-defenses-for-top-infostealer-techniques).
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
Raccoon Stealer 2.0 (Deprecated) (7046193b-96c2-462b-9ba1-ea39a938e8e9) | Tidal Software | Scattered Spider (3d77fb6c-cfb4-5563-b0be-7aa1ad535337) | Tidal Groups | 1 |