The malware-as-a-service model has become terrifying as it means there’s a well-run, ever-improving structure designed to compromise low-hanging fruit systems, said Ben Pick, senior application security consultant at nVisium. Pick said that, while the Raccoon Stealer payloads appear customizable based on the target, the methods of delivery are still mostly through emails.
“Thus, the best protection against this is performing due diligence by not installing or opening files from an email,” Pick explained. “To overcome the initial uncertainty, Raccoon Stealer has also utilized Google optimization to make the files appear more legitimate. Therefore, a cursory Google check no longer suffices to verify whether a document should be opened. The best counter is to not open files received in an email and to use out-of-band communications if it’s absolutely necessary to send trusted files to trusted parties.”