RisePro Malware Stealing Passwords, Credit Card Info & Cryptocurrency Wallets

By Gagandeep Singh

27-Dec-2022

Analysts at Flashpoint & Sekoia discovered the RisePro, a new information-stealing malware.

RisePro is being spread through fake cracked websites operated by PrivateLoader, which is a (Pay Per Install) malware distribution service.

The information stealer malware was made to steal the target's credit card info, passwords, and Cryptocurrency wallets.

RisePro is a C++ malware that, as per Flashpoint, it might be built on Vidar password-stealing malware.

Sekoia Analysts found substantial code similarities between the Privateloader, suggesting that it might sell its own info stealer or as a service.

RisePro inspects the registry keys, writes the stolen data to the test file, takes the screenshot, bundles it in a ZIP file & then sends the ZIP file to the threat attacker's server.

RisePro malware tries to steal different kinds of data from applications, crypto wallets, and browser extensions.

The malware is being sold on Telegram, where the users interact with the developer and the compromised telegram BOT.

Read the full story here.