Information stealing malware is one of the most common ways that organizations end up infiltrated by malicious hackers. For several years, one type of infostealer called Raccoon Stealer ruled them all. If a computer was infected with Raccoon Stealer, all data – ranging from login credentials, payment card data, cryptocurrency accounts, session tokens – are vacuumed up from the machine and sent off to the hackers. Raccoon Stealer was dead easy to use and didn’t require coding knowledge. This meant that anyone could start stealing data from other people’s computers. It also had great customer service. But the elusive operator of Raccoon made critical mistakes – including a revealing photograph on Instagram – that jeopardized his business and himself.
Participants:
Quentin Bourge, Lead Cybercrime Analyst, Threat Detection & Research Team, Sekoia.io
Jeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471
In August 2025, two anonymous researchers released 9 GB of data from a workstation of a likely advanced persistent threat (APT) group. Here’s an analysis of the data by Intel 471’s Cyber Geopolitical Risk team.
Initial access brokers (IABs) sell access to compromised organizations on underground forums. Here's an analysis looking at whether these offers can be correlated to ransomware attacks.
In this Studio 471, Jacob Larsen discusses the effects of doxing, how sites like Doxbin take advantage of legal loopholes and how to defend against being doxed.
Stay informed with our weekly executive update, sending you the latest news and timely data on the threats, risks, and regulations affecting your organization.