Raccoon InfoStealer Malspam Campaign

1.0Infoblox Bloghttps://www.infoblox.com/blogInfoblox Threat Intelhttps://www.infoblox.com/blog/author/infoblox-threat-intel/Raccoon InfoStealer Malspam Campaignrich600338<blockquote class="wp-embedded-content" data-secret="xhaQjThv4r"><a href="https://www.infoblox.com/blog/threat-intelligence/raccoon-infostealer-malspam-campaign/">Raccoon InfoStealer Malspam Campaign</a></blockquote><iframe sandbox="allow-scripts" security="restricted" src="https://www.infoblox.com/blog/threat-intelligence/raccoon-infostealer-malspam-campaign/embed/#?secret=xhaQjThv4r" width="600" height="338" title="“Raccoon InfoStealer Malspam Campaign” — Infoblox Blog" data-secret="xhaQjThv4r" frameborder="0" marginwidth="0" marginheight="0" scrolling="no" class="wp-embedded-content"></iframe><script type="text/javascript"> /* <![CDATA[ */ /*! This file is auto-generated */ !function(d,l){"use strict";l.querySelector&&d.addEventListener&&"undefined"!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!/[^a-zA-Z0-9]/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll('iframe[data-secret="'+t.secret+'"]'),o=l.querySelectorAll('blockquote[data-secret="'+t.secret+'"]'),c=new RegExp("^https?:$","i"),i=0;i<o.length;i++)o[i].style.display="none";for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute("style"),"height"===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):"link"===t.message&&(r=new URL(s.getAttribute("src")),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener("message",d.wp.receiveEmbedMessage,!1),l.addEventListener("DOMContentLoaded",function(){for(var e,t,s=l.querySelectorAll("iframe.wp-embedded-content"),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute("data-secret"))||(t=Math.random().toString(36).substring(2,12),e.src+="#?secret="+t,e.setAttribute("data-secret",t)),e.contentWindow.postMessage({message:"ready",secret:t},"*")},!1)))}(window,document); //# sourceURL=https://www.infoblox.com/blog/wp-includes/js/wp-embed.min.js /* ]]> */ </script> https://www.infoblox.com/blog/wp-content/uploads/infoblox-higher-ed-optimize-automate-cybersecurity.jpg383254On 1 September, we observed a malicious spam (malspam) email campaign distributing Raccoon malware. Raccoon, also known as Racealer, is an information stealer (infostealer) that was first observed in April 2019.1Raccoon can steal credit cards, usernames, passwords, and cryptocurrency wallets.2 Although it has relatively basic features, it is effective and affordable.