Home » Technology » Internet » New Malware RisePro Spreads Through Downloading Websites

New Malware RisePro Spreads Through Downloading Websites

Android Malware

Cybercriminals use an old trick to find victims on the Internet: They lure you with cracked programs that you normally have to pay for and then make a new piece of malware called “RisePro” available for download instead.

This is a data-stealing Trojan. The new malware “RisePro” was detected by analysts from Flashpoint and Sekoia. This is reported by the online magazine Bleeping Computer.

RisePro is a previously undocumented piece of malicious code that steals information. According to security specialists, this malware is designed to help attackers steal credit cards, passwords, and crypto-wallets from infected devices.

The data thief finds victims using a classic honeypot method: the cyber criminals advertise their fake software cracks and key generators on other sites. In doing so, they trap inexperienced users who want to obtain software for free.

Looking for passwords

Anyone who then clicks on a download link to what appears to be cracked software gets the data thief onto their PC and sets the disaster in motion themselves. RisePro starts reading data from a wide variety of applications on the PC, such as browsers and their extensions, in order to get passwords that can be used to empty crypto wallets, among other things. Flashpoint reports that threat actors have already started selling thousands of RisePro logs, the data packages stolen from infected devices, on Russian dark web markets.

In addition, strong similarities to the malware-as-a-service offer PrivateLoader were discovered. PrivateLoader also works with similar lures. Flashpoint, therefore, suspects that the data thief RisePro belongs to PrivateLoader.