 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
Tool: RedLine| Names | RedLine RedLine Stealer | |
| Category | Malware | |
| Type | Backdoor, Info stealer | |
| Description | (Cofense) RedLine Stealer, first seen in 2020, is probably the most well-known stealer on this list. It uses Simple Object Access Protocol (SOAP) for communication with its command-and-control center and can use a variety of plugins. It’s used to collect information from various installed programs including credentials stored in browsers, email applications, as well as cryptocurrency wallet data. RedLine Stealer is often associated with sophisticated phishing campaigns that, after a successful infection, can deliver additional payloads like ransomware or more advanced malware. | |
| Information | <https://cofense.com/blog/luxury-hotels-remain-target-of-social-engineering-attack/> <https://www.trendmicro.com/en_us/research/23/i/redline-vidar-first-abuses-ev-certificates.html> <https://www.infosecurity-magazine.com/news/redline-stealer-malware-scrubcrypt/> <https://unit42.paloaltonetworks.com/malware-configuration-extraction-techniques-guloader-redline-stealer/> <https://www.mcafee.com/blogs/other-blogs/mcafee-labs/redline-stealer-a-novel-approach/> | |
Last change to this tool card: 22 April 2024
Download this tool card in JSON format
| Changed | Name | Country | Observed | ||
APT groups | |||||
 | ↳ Subgroup: Scattered Spider | [Unknown] | 2022-Jan 2024 | ||
1 group listed (1 APT, 0 other, 0 unknown)
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |