Info Stealer

Raccoon Stealer v2

First seen: 2022 • Status: active

Currently Active Threat

Raccoon v2 is a rebuilt version of a famous password stealer that kept operating even after its creator was arrested.

Overview

Raccoon Stealer v2 is a complete rewrite of the original Raccoon malware. Despite the arrest of its main developer, the stealer continues to be distributed.

Also Known As

RecordBreaker, Raccoon v2

How It Spreads

  • Malvertising
  • Fake software sites
  • Cracked applications
  • SEO poisoning

What It Does

  • Browser credential theft
  • Cryptocurrency wallet theft
  • Discord token theft
  • System information gathering

Target Platforms

Windows

Detection Tips

  • Monitor for Raccoon v2 C2 patterns
  • Check for browser data access
  • Analyze Discord token theft
  • Review crypto wallet access

MITRE ATT&CK Techniques

T1555, T1539, T1528, T1082, T1005

If You're Infected

  1. Remove Raccoon v2 malware
  2. Reset all credentials immediately
  3. Revoke Discord sessions
  4. Move crypto to new wallets

Related Malware

Raccoon, Redline, Lumma
