A recently identified information stealer named ‘RisePro’ is being distributed by pay-per-install malware downloader service ‘PrivateLoader’, cyberthreat firm Flashpoint reports.
Written in C++, RisePro harvests potentially sensitive information from the compromised machines and then attempts to exfiltrate it as logs.
RisePro was initially spotted on December 13, featured on a cybercrime marketplace called Russian Market, where cybercriminals upload and sell logs exfiltrated using stealers.
According to Flashpoint, the malware appears to be based on Vidar stealer, which has been analyzed several times in the past.
Russian Market, Flashpoint says, lists more than 2,000 logs supposedly exfiltrated using RisePro, which may indicate that the information stealer is gaining popularity among cybercriminals.
