RedLine Stealer Resurfaces in Fresh RIG Exploit Kit Campaign

Mihai NEAGU

April 27, 2022


At the start of the year, Bitdefender noticed a RIG Exploit Kit campaign that exploits CVE-2021-26411, a vulnerability in Internet Explorer, to deliver RedLine Stealer, a low-cost password stealer sold on underground forums.

When executed, RedLine Stealer performs recon against the target system (including username, hardware, browsers installed, anti-virus software) and then exfiltrates data (including passwords, saved credit cards, crypto wallets, VPN logins) to a remote command and control server.

Download the RedLine Stealer whitepaper

Key Findings

  • Bitdefender discovered a new RIG Exploit Kit campaign that targets an Internet Explorer vulnerability to distribute RedLine Stealer malware.
  • If executed, the stealer exfiltrates passwords, cookies and credit card data saved in browsers, as well as crypto wallets, chat logs, VPN login credentials and text from files, according to the instructions it receives from the C2 infrastructure.

Country distribution and daily activity

Mitigation

  • Ensure anti-virus and EDR solutions have exploit detection capabilities.
  • Look for the indicators of compromise (IOCs), keep operating systems and third-party applications up to date, and prioritize security fixes.
