It feels like we are reporting on a new hacking incident daily and it's easy to see why with tools like Raccoon Stealer out in the wild.
The subscription-based malware tool is designed to give hackers an easy interface to aid them in their quest to relieve you of your private data, while also evading the authorities (via Bleeping Computer).
Trash panda hackers
The aptly named Raccoon Stealer is nothing new, but after its main developer was arrested in October of 2022 it seemed like it may simply disappear. Of course, with money to be made, someone else took up the reins and the subscription hacking app is back to help hackers forage through your private data in over 60 apps to reveal treasures like your credit card details, login info, browsing history, cookies, and of course the ever-popular crypto wallets.
For $200 a month, newer hackers get access to these updated tools which give an easier interface from which to launch nefarious data thievery.
A new dashboard allows them to quickly search through large breached datasets. It also offers enhanced protection with a feature that attempts to identify security measures in hacked PCs so that it can delete any potentially incriminating evidence on those machines. An activity profile shows the hackers the potential threat posed to them by any given PC with a red, yellow, and green emoji. Another new system identifies IP addresses associated with crawlers and bots typically used by cyber-security firms and blocks them. Last, but not least a Log Stats panel gives the hacker a look at how their digital crime spree is faring with how many PCs they've infiltrated and their success rate in specific regions.
How to avoid being hacked
Unfortunately, malware-as-a-service isn't going away, which means hacking is just getting easier and the threats are going to continue to grow. So you need to arm yourself against the modern web with a couple of handy tips.
First, you need to be using a password manager, and while the one built into your browser is terribly convenient, it is a large piece of software that can end up with a hole that exposes your login info. That's not to say that password managers are never breached, but select from one of the best and it is far less likely to happen and may even give you tools to rapidly change passwords en masse if a breach does happen.
Secondly, you should be using two-factor authentication, it's going to seem annoying at first and please do not use the versions that use a text or email as the confirmation, but ultimately proper 2FA will save you the massive time suck and headache of dealing with a significant breach of your data.
Stay safe out there!