RedLine Stealer is malware sold on underground forums, apparently either as a standalone product ($100/$150 depending on the version) or on a subscription basis ($100/month). It harvests information from browsers, such as saved credentials, autocomplete data, and credit card information. When running on a target machine it also takes a system inventory, including details such as the username, location data, hardware configuration, and information about installed security software. More recent versions of RedLine added the ability to steal cryptocurrency. FTP and IM clients are also apparently targeted by this family, and the malware can upload and download files, execute commands, and periodically send back information about the infected computer.
2022-06-28 ⋅ AhnLab ⋅ New Info-stealer Disguised as Crack Being Distributed ClipBanker CryptBot Raccoon RedLine Stealer |
2022-06-15 ⋅ Qualys ⋅ Fake Cracked Software Caught Peddling Redline Stealers RedLine Stealer |
2022-05-25 ⋅ Team Cymru ⋅ Bablosoft; Lowering the Barrier of Entry for Malicious Actors BlackGuard BumbleBee RedLine Stealer |
2022-05-19 ⋅ Blackberry ⋅ .NET Stubs: Sowing the Seeds of Discord (PureCrypter) Aberebot AbstractEmu AdoBot 404 Keylogger Agent Tesla Amadey AsyncRAT Ave Maria BitRAT BluStealer Formbook LimeRAT Loki Password Stealer (PWS) Nanocore RAT Orcus RAT Quasar RAT Raccoon RedLine Stealer WhisperGate |
2022-05-17 ⋅ Microsoft Security ⋅ In hot pursuit of ‘cryware’: Defending hot wallets from attacks Mars Stealer RedLine Stealer |
2022-05-12 ⋅ Morphisec ⋅ New SYK Crypter Distributed Via Discord AsyncRAT Ave Maria Nanocore RAT NjRAT Quasar RAT RedLine Stealer |
2022-05-12 ⋅ Netskope ⋅ RedLine Stealer Campaign Using Binance Mystery Box Videos to Spread GitHub-Hosted Payload RedLine Stealer |
2022-05-10 ⋅ eSentire ⋅ Redline Stealer Masquerades as Photo Editing Software RedLine Stealer |
2022-04-27 ⋅ Bitdefender ⋅ RedLine Stealer Resurfaces in Fresh RIG Exploit Kit Campaign RedLine Stealer |
2022-04-25 ⋅ muha2xmad ⋅ Full RedLine malware analysis | IoCs | Stealing information RedLine Stealer |
2022-04-18 ⋅ Bitdefender ⋅ RedLine Stealer Analysis RedLine Stealer |
2022-04-14 ⋅ Cisco Talos ⋅ Threat Spotlight: "Haskers Gang" Introduces New ZingoStealer RedLine Stealer |
2022-03-24 ⋅ Palo Alto Networks: Unit42 ⋅ Threat Brief: Lapsus$ Group RedLine Stealer |
2022-03-23 ⋅ KrebsOnSecurity ⋅ A Closer Look at the LAPSUS$ Data Extortion Group RedLine Stealer |
2022-03-23 ⋅ SecurityAffairs ⋅ It’s official, Lapsus$ gang compromised a Microsoft employee’s account RedLine Stealer |
2022-03-22 ⋅ The Hacker News ⋅ Microsoft and Okta Confirm Breach by LAPSUS$ Extortion Group RedLine Stealer |
2022-03-22 ⋅ Bleeping Computer ⋅ Microsoft confirms they were hacked by Lapsus$ extortion group RedLine Stealer |
2022-03-22 ⋅ Microsoft ⋅ DEV-0537 (LAPSUS$/UNC3661) criminal actor targeting organizations for data exfiltration and destruction RedLine Stealer LAPSUS |
2022-03-13 ⋅ Bleeping Computer ⋅ Fake Valorant cheats on YouTube infect you with RedLine stealer RedLine Stealer |
2022-03-03 ⋅ Medium s2wlab ⋅ Deep Analysis of Redline Stealer: Leaked Credential with WCF RedLine Stealer |
2022-02-09 ⋅ BleepingComputer ⋅ Fake Windows 11 upgrade installers infect you with RedLine malware RedLine Stealer |
2022-02-08 ⋅ Intel 471 ⋅ PrivateLoader: The first step in many malware schemes Dridex Kronos LockBit Nanocore RAT NjRAT PrivateLoader Quasar RAT RedLine Stealer Remcos SmokeLoader STOP Tofsee TrickBot Vidar |
2022-02-08 ⋅ HP ⋅ Attackers Disguise RedLine Stealer as a Windows 11 Upgrade RedLine Stealer |
2022-02-07 ⋅ Trellix ⋅ Trellix Global Defenders: Invasion of the Information Snatchers - Protecting against RedLine Infostealer RedLine Stealer |
2022-01-20 ⋅ SANS ISC InfoSec Forums ⋅ RedLine Stealer Delivered Through FTP RedLine Stealer |
2022-01-20 ⋅ blog.rootshell.be ⋅ [SANS ISC] RedLine Stealer Delivered Through FTP RedLine Stealer |
2022-01-19 ⋅ Chainalysis ⋅ Meet the Malware Families Helping Hackers Steal and Mine Millions in Cryptocurrency Glupteba RedLine Stealer |
2022-01-10 ⋅ Fortinet ⋅ COVID Omicron Variant Lure Used to Distribute RedLine Stealer RedLine Stealer |
2022-01-03 ⋅ AhnLab ⋅ Distribution of Redline Stealer Disguised as Software Crack DanaBot RedLine Stealer Vidar |
2022-01-02 ⋅ Atomic Matryoshka ⋅ "Cracking Open the Malware Piñata" Series: Intro to Dynamic Analysis with RedLineStealer RedLine Stealer |
2021-12-02 ⋅ Cisco ⋅ Magnat campaigns use malvertising to deliver information stealer, backdoor and malicious Chrome extension Azorult RedLine Stealer |
2021-11-29 ⋅ Trend Micro ⋅ Campaign Abusing Legitimate Remote Administrator Tools Uses Fake Cryptocurrency Websites AsyncRAT Azorult Nanocore RAT NjRAT RedLine Stealer Remcos |
2021-11-02 ⋅ Minerva ⋅ Underminer Exploit Kit: The More You Check The More Evasive You Become Amadey Oski Stealer RedLine Stealer UnderminerEK |
2021-10-21 ⋅ Bleeping Computer ⋅ Massive campaign uses YouTube to push password-stealing malware Raccoon RedLine Stealer |
2021-10-14 ⋅ Recorded Future ⋅ RedLine Stealer Is Key Source of Identity Data for Criminal Shops RedLine Stealer |
2021-09-27 ⋅ Cyber-Anubis ⋅ RedLine Infostealer | Detailed Reverse Engineering RedLine Stealer |
2021-09-27 ⋅ Trend Micro ⋅ Fake Installers Drop Malware and Open Doors for Opportunistic Attackers RedLine Stealer Socelars Vidar |
2021-08-26 ⋅ Minerva Labs ⋅ Become A VIP Victim With New Discord Distributed Malware BlackNET RAT RedLine Stealer |
2021-08-04 ⋅ ASEC ⋅ S/W Download Camouflage, Spreading Various Kinds of Malware Raccoon RedLine Stealer Remcos Vidar |
2021-07-12 ⋅ IBM ⋅ RoboSki and Global Recovery: Automation to Combat Evolving Obfuscation 404 Keylogger Agent Tesla AsyncRAT Ave Maria Azorult BitRAT Formbook HawkEye Keylogger Loki Password Stealer (PWS) Nanocore RAT NetWire RC NjRAT Quasar RAT RedLine Stealer Remcos |
2021-07-12 ⋅ Cipher Tech Solutions ⋅ RoboSki and Global Recovery: Automation to Combat Evolving Obfuscation 404 Keylogger Agent Tesla AsyncRAT Ave Maria Azorult BitRAT Formbook HawkEye Keylogger Loki Password Stealer (PWS) Nanocore RAT NetWire RC NjRAT Quasar RAT RedLine Stealer Remcos |
2021-07-08 ⋅ Blackberry ⋅ Threat Thursday: Redline Infostealer RedLine Stealer |
2021-06-14 ⋅ Blaze's Security Blog ⋅ Digital artists targeted in RedLine infostealer campaign RedLine Stealer |
2021-06-02 ⋅ Morphisec ⋅ Google PPC Ads Deliver Redline, Taurus, and mini-Redline Infostealers RedLine Stealer Taurus Stealer |
2021-04-27 ⋅ Minerva Labs ⋅ RedLine Stealer Masquerades as Telegram Installer RedLine Stealer |
2021-01-18 ⋅ Medium csis-techblog ⋅ GCleaner — Garbage Provider Since 2019 Amadey Ficker Stealer Raccoon RedLine Stealer SmokeLoader STOP |
2020-10-05 ⋅ Juniper ⋅ New pastebin-like service used in multiple malware campaigns Agent Tesla LimeRAT RedLine Stealer |
2020-09-07 ⋅ Github (StrangerealIntel) ⋅ Time to take the bull by the horns RedLine Stealer Taurus Stealer |
2020-07-30 ⋅ Spamhaus ⋅ Spamhaus Botnet Threat Update Q2 2020 AdWind Agent Tesla Arkei Stealer AsyncRAT Ave Maria Azorult DanaBot Emotet IcedID ISFB KPOT Stealer Loki Password Stealer (PWS) Nanocore RAT NetWire RC NjRAT Pony Raccoon RedLine Stealer Remcos Zloader |
2020-07-02 ⋅ Zscaler ⋅ CyberGate RAT and RedLine Stealer Delivered in Ongoing AutoIt Malware Campaigns CyberGate RedLine Stealer |
2020-03-19 ⋅ Bleeping Computer ⋅ RedLine Info-Stealing Malware Spread by Folding@home Phishing RedLine Stealer |
2020-03-16 ⋅ Proofpoint ⋅ TA505 and Others Launch New Coronavirus Campaigns; Now the Largest Collection of Attack Types in Years RedLine Stealer |
2020-03-16 ⋅ Proofpoint ⋅ New RedLine Stealer Distributed Using Coronavirus-themed Email Campaign RedLine Stealer |
There is no Yara-Signature yet.