Here is a very good reason not to download pirated software

You could save a few dollars by downloading pirated software, but you could also lose a lot more in the process, as researchers have discovered an information stealer that targets cryptocurrency accounts.

Two separate cybersecurity firms – Flashpoint and Sekoia – have discovered brand new information-stealing malware dubbed “RisePro”.

RisePro is distributed through websites hosting pirated software, cracks and other similar illegal content. It infects endpoints through the PrivateLoader (PUP) malware distribution service.

Data theft from cryptocurrency accounts

According to the researchers, RisePro has many similarities with PrivateLoader, leading them to conclude that the malware distribution platform now has its own “infostealer”. Moreover, they discovered that it was most likely built on top of Vidar, as it uses the same system of built-in DLL dependencies.

RisePro searches for data in a long list of browsers, browser extensions, and cryptocurrency wallets, including Google Chrome, Firefox (and 30 other browsers), Authenticator, MetaMask, and Coinbase (and 26 other browser extensions). Furthermore, it steals data from Discord,, Authy Desktop, and can scan file system folders for valuable data, for example credit card information.

According to Flashpoint, criminals have already started selling RisePro logs containing sensitive and personally identifiable data on Russian dark web markets. Those interested in purchasing the logs or the tool itself can do so via Telegram, by interacting with the cybercriminals’ Telegram bot.

Researchers describe PrivateLoader as a paid malware distribution service, which often masquerades as a software crack or keygen. Until now, PrivateLoader only distributed RedLine Stealer or Raccoon, both of which are very popular information stealers in the cybercriminal community.

The best way to protect against such threats is to refrain from downloading illegal content and only download software from legitimate and verified sources. A powerful antivirus solution is also advised.


About Post Author

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.