
RedLine Stealer

Posted: March 12, 2020

The RedLine Stealer is a hacking tool that is being promoted on underground Russian hacking forums by a user with the handle 'Redglade.' This threat works as an information stealer, and it can be purchased and used by any hacker who is willing to pay $150 for the 'Lite' version, or $200 for the 'Pro' version. Needless to say, this makes RedLine Stealer much more threatening, since hackers around the world may use it to infect their targets and attempt to steal their sensitive data.

In particular, this information stealer focuses on grabbing the following data:

  • Login credentials, cookies, autofill forms, and credit cards saved in Web browsers.
  • The author claims that it is compatible with all Web browsers based on Gecko (Mozilla Firefox) or Chromium (Google Chrome, Torch, Opera, Vivaldi, Yandex, etc.).
  • Sensitive data from FTP clients, email clients, and Instant Messaging (IM) services.
  • Files found by searching for specific file extensions, filenames, or directory names.

The threat will also create a profile for each victim by collecting system information such as their country, city, name, IP address, operating system, and software/hardware information. Last but not least, the operator of the RedLine Stealer is able to create a blacklist of countries in which RedLine Stealer will not work.

Since anyone can use RedLine Stealer, it is best to assume that this threat may hide anywhere online: torrent trackers, bogus advertisements, fake downloads, fake software updates, pirated software, pirated media, etc. It is recommended to avoid all shady files, as RedLine Stealer is just one of the many threats that may be distributed through them. Naturally, the best defense against threats like this one is to use a trustworthy and regularly updated anti-malware application.
