LEFT SIDEBAR AD

Hidden in mobile, Best for skyscrapers.

Experts temporarily disrupted the RedLine Stealer operations

1 year ago 100
BOOK THIS SPACE FOR AD
ARTICLE AD

Security experts from ESET, have temporarily disrupted the operations of the RedLine Stealer with the help of GitHub.

ESET researchers announced to have temporarily disrupted the operations of the RedLine Stealer with the help of GitHub.

The two companies teamed up with Flare to curb the operations of the malware operators. The experts discovered that the malware control panels use GitHub repositories as dead-drop resolvers.

The RedLine is an info stealing malware written in .NET that is active since at least early 2020. The malware is able to steal sensitive information from the infected systems, including credentials, cookies, browser history, credit card data, and crypto wallets. The info-stealer is considered a commodity malware that is available through malware-as-a-service model.

By analyzing samples of the RedLine Stealer, the ESET researchers identified the following repositories:

github[.]com/lermontovainessa/Hub github[.]com/arkadi20233/hub github[.]com/ivan123iii78/hub github[.]com/MTDSup/updateResolver RedLine stealer

ESET shared its findings with GitHub, which immediately suspended the repositories.

The experts did not observe fallback channels, which means that the removal of these repositories made the control panels unusable. The operators behind the RedLine will be forced to set up new panels to recover their operations.

No fallback channels were observed. The removal of these repositories should break authentication for panels currently in use. While this doesn’t affect the actual back-end servers, it will force the RedLine operators to distribute new panels to their customers. 3/4 pic.twitter.com/amunD6j8Ly

— ESET Research (@ESETresearch) April 17, 2023

Please vote for Security Affairs (https://securityaffairs.com/) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections:

The Teacher – Most Educational Blog The Entertainer – Most Entertaining Blog The Tech Whizz – Best Technical Blog Best Social Media Account to Follow (@securityaffairs)

Please nominate Security Affairs as your favorite blog.

Nominate here: https://docs.google.com/forms/d/e/1FAIpQLSfaFMkrMlrLhOBsRPKdv56Y4HgC88Bcji4V7OCxCm_OmyPoLw/viewform

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, RedLine)



Read Entire Article
  3. Experts temporarily disrupted the RedLine Stealer operations

Related

U.S. CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Progress Kemp LoadMaster, Palo Alto Networks PAN-OS and Expedition bugs to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Progress Kemp LoadMaster, Palo Alto Networks PAN-OS and Expedition bugs to its Known Exploited Vulnerabilities catalog

Great Plains Regional Medical Center ransomware attack impacted 133,000 individuals

Great Plains Regional Medical Center ransomware attack impacted 133,000 individuals

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 20

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 20

Security Affairs newsletter Round 498 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 498 by Pierluigi Paganini – INTERNATIONAL EDITION

Mazda Connect flaws allow to hack some Mazda vehicles

Mazda Connect flaws allow to hack some Mazda vehicles

Trending

1. Election Commission of India
2. Harshit Rana
3. West Indies vs Bangladesh
4. Nitish Kumar Reddy
5. Yeh Kaali Kaali Ankhein
6. Pam Bondi
7. Mukesh Ambani
8. Zebra Movie
9. Sports
10. C2C Advanced Systems IPO GMP

Popular

1-click RCE in Electron Applications

1-click RCE in Electron Applications

Install waybackurls on Kali Linux

Install waybackurls on Kali Linux

Microsoft Office Professional Plus 2019 (x64 & x86) Multilingual + Pre-Activated

Microsoft Office Professional Plus 2019 (x64 & x86) Multilingual + Pre-Activated

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Install DalFox on Kali Linux

Install DalFox on Kali Linux

Adobe Master Collection CC 2022 v25.08.2022 (x64) Multilingual Pre-Activated

Adobe Master Collection CC 2022 v25.08.2022 (x64) Multilingual Pre-Activated

Maxon CINEMA 4D Studio S22.123 (x64) Multilingual + Crack

Maxon CINEMA 4D Studio S22.123 (x64) Multilingual + Crack

Autodesk Revit 2023 R1 Build 23.0.11.19 (x64) Multilingual + Crack

Autodesk Revit 2023 R1 Build 23.0.11.19 (x64) Multilingual + Crack

‘We are not motivated by profits’ – Open Bug Bounty maintainers on finding a niche in the crowdsourced AppSec market

‘We are not motivated by profits’ – Open Bug Bounty maintainers on finding a niche in the crowdsourced AppSec market

Just Gopher It: Escalating a Blind SSRF to RCE for $15k

Just Gopher It: Escalating a Blind SSRF to RCE for $15k

BOOK THIS SPACE FOR AD
RIGHT SIDEBAR BOTTOM AD
Bengali (Bangladesh) Bengali (Bangladesh) · English (United States) English (United States) ·
About Us · Terms & Condition · Contact Us
© Security Alert 2024. All rights are reserved