Cybersecurity researchers have recently discovered a new botnet whose end goal is not yet known.
The Kraken botnet was first discovered in October 2021 by ZeroFox researchers. It targets Windows machines and deploys various malware to affected devices.
Among other malware, Kraken deploys RedLine Stealer, one of the most popular info stealers out there. It is capable of stealing identity information stored in browsers, including saved passwords, credit card information, autocomplete forms, etc. It can also grab inventory data, including username, location, hardware, and software details.
ZeroFox researchers said that it is still unclear what the operator intends to do with the stolen data or what the end goal of this botnet is. The researchers also warned that newer versions of RedLine malware are capable of stealing various cryptocurrencies from the victim’s crypto wallets, including Zcash, Bytecoin, Ethereum, Exodus, Guarda, Atomic, Armory, and Jaxx Liberty.
ZeroFox researchers confirmed that Kraken is using SmokeLoader to spread rapidly, gaining hundreds of new bots every time the operator changes the C2.
Based on the information gathered, RedLine malware operators are collecting roughly $3,000 per month by sweeping people’s crypto wallets.