According to researchers, Racoon Malware can extract sensitive data from about 60 applications and is distributed under the MaaS (malware-as-a-service) model for $75/week or $200/month.
This is an example of the modern world of malware. By selling this as malware as a service (MaaS) model, the attackers know they can have a continuous revenue stream and the customers know they are more likely to have updates and improved features over time.
With an investment of $200 per month for the malware, plus another $65 to send 50,000 phishing emails, attackers stand to make substantial gains with very little money invested.
This malware is very much an example of a Swiss Army knife approach. It endeavors to gather as much information about as many things as possible in a very short amount of time in order to maximize gains. In addition, the simplicity of the malware is certainly not a detractor to potential customers.
As malware advances in its features, even if not in complexity, it continues to become more damaging. To defend against this, people should concentrate on the most common way it is spread, and that is through phishing. Training users to spot and report phishing emails is by far the most effective way to stop the attacks cold.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics