InnfiRAT Malware Searches for Cryptocurrency Information in PC and Steals User’s Personal …

A new malware, InnfiRAT have recently been discovered where it searches for cryptocurrency information and browser cookie information. Scientists …

A new malware, InnfiRAT have recently been discovered where it searches for cryptocurrency information and browser cookie information. Scientists have detected a remote access Trojan described as InnfiRAT, which is equipped for digital spying and data disappearance.

Precisely, InnfiRAT is structured to access and rob personal data on the user’s system. In addition to other things, InnfiRAT is composed to search for cryptocurrency wallet information, like Bitcoin and Litecoin. Further, InnfiRAT also captures browser cookies to steal passwords and usernames and session information.

Accurately, scientific researchers describe InnfiRAT as a Trojan. The Trojans code has been written in .NET and is intended to access and to capture individual information from infected systems and explicitly cryptocurrency wallet data, which includes Litecoin and Bitcoin, the leading cryptocurrencies in the market.

Moreover, the malware additionally takes mysterious screen captures to trap any sensitive data that might be shown on a client’s display at a specific time. Besides, to stay away from identification, InnfiRAT pays special attention to virtual machine environments and can likewise check for antivirus programs. These exercises are disturbing; however, the malware is considerably more vicious in its abilities.

Furthermore, the information it swipes is sent to C&C (command and control) server, yet that is not the part of the arrangement. As a part of the procedure, it demands further instruction from the server. At times, the C&C server may inform the RAT to download additional malware into the infected computer, bringing about other problems.

When a system gets infected with a RAT, it could introduce additional malware like ransomware. Ransomware is a high-risk malware that generally is intended to encrypt records. To be more precise, it could lock the individual’s files utilizing a secure encryption algorithm which could not be decrypted without the correct software.

Nevertheless, cybercriminals are the ones who have possession of this software, and they exploit people to get it from them by paying a specific amount as payment. Moreover, InnfiRAT can be utilized to steal information like the individual’s IP address, city, district, nation, and so on, and running procedures. Besides, it can kill forms whose name contains strings, like chrome, firefox, browser, opera, to name a few.

Moreover, the list of unethical exercises empowered by this malware expands to well beyond stealing users cryptocurrency wallet like logging keystrokes, accessing individual data, formatting drives, spying the user through their webcam, arranging drives, and the list goes on.

InnfiRAT is an essential tool that can help cybercriminals to create income using misused information in various ways. Succinctly put, to avoid financial data loss, data fraud, having different accounts stolen and PC infected with other malware, and prevent different issues it is required to uninstall this RAT right away.

Cryptocurrency stays as a profitable channel for cybercriminals to produce an illegal profit, and InnfiRAT is just one of the numerous types of malware that presently include cryptocurrency-related robbery.

Related Posts:

  • No Related Posts

InnfiRAT Malware Steals Litecoin And Bitcoin Wallet Information

The RAT searches for wallet.dat files in the %AppData%Litecoin and %AppData%Bitcoin folders, with the immediately being collected, if found and …

New InnfiRAT Malware Hunts Down Litecoin And Bitcoin Wallet Info

A remote access Trojan (RAT) dubbed InnfiRAT comes with extensive capabilities to steal sensitive information, including cryptocurrency wallet data. Zscaler’s ThreatLabZ team took a closer look at its inner workings, although the malware has been in the wild for a while.

The earliest this RAT was spotted is November 2017, according to security researcher James_inthe_box, but this is the first time it was analyzed more seriously.

InnfiRAT is a .NET malware the ThreatLabZ team found, with anti-VM and process checks designed to help it detect when it’s running in a sandboxed environment, typically used for malware analysis.

After infecting the target’s computer, InnfiRAT will copy itself into %AppData%/NvidiaDriver.exe and will write a Base64-encoded PE file in memory that gets decoded to another .NET binary with the actual functionality of the malware.

FYI #Innfirat has been rolling around since 2017:

— James (@James_inthe_box) September 13, 2019

Persistence and anti-analysis measures

If the RAT discovers that it’s running in a sandbox, it will automatically terminate itself, otherwise, it would collect the compromised machine’s HWID and country.

InnfiRAT will also terminate itself if it discovers the processes of tools used for process monitoring such as Process Hacker, Process Explorer, and Process Monitor.

The processes of several web browsers will also be enumerated (i.e., Chrome, Yandex, Kometa, Amigo, Torch, Orbitum, Opera, Mozilla) and, if found, will get immediately killed on sight, potentially to unlock the user profiles for easier harvesting.

The malware will also create a scheduled task designed to execute the malicious %AppData%/NvidiaDriver.exe executable on a daily basis just in case the RAT is discovered and killed.

Checking for specific processes
Checking for specific processes

Stealing crypto and cookies

While InnfiRAT’s command and control (C2) servers can send it 11 types of commands, the most interesting are those that instruct it to search for and steal Bitcoin and Litecoin wallet data, as well as cookie information from the web browsers that got killed in the reconnaissance stage.

The RAT searches for wallet.dat files in the %AppData%Litecoin and %AppData%Bitcoin folders, with the immediately being collected, if found and delivered to the malware’s C2 server.

“InnfiRAT also grabs browser cookies to steal stored usernames and passwords, as well as session data. In addition, this RAT has ScreenShot functionality so it can grab information from open windows,” found the Zscaler ThreatLabZ team.

“InnfiRAT sends the data it has collected to its command-and-control (C&C) server and requests further instructions. The C&C can also instruct the malware to download additional payloads onto the infected system.”

Searching for Bitcoin wallet.dat
Searching for Bitcoin wallet.dat

Text documents of less than 2,097,152 bytes are also collected by the RAT if they’re stored on the victim’s desktop and get sent to the same pile of exfiltrated data stored on the C2 server.

InnfiRAT’s operators can also send it the following commands besides the ones already described above:

SendUrlAndExecute(string URL) – download a file from a specified URL and executes it

ProfileInfo() – collect and exfiltrate network, location, and hardware info

LoadLogs() – write files into specific folders

LoadProcesses() – get a list of running processes and send it to the C2 server

Kill(int process) – command to kill a specific process on the victim machine

RunCommand(string command) – execute a command on the victim machine

ClearCooks() – clears browser cookies for specific browsers

Indicators of compromise (IOCs) including malware sampled hashes and domains used to drop the RAT and as C2 servers are available at the end of ThreatLabZ team’s InnfiRAT write-up.

Last month, two new RATs were discovered by security researchers, one of them targeting several countries as part of a campaign operated by financially motivated threat actors who used a RAT payload dubbed BalkanRAT by the ESET researchers who spotted it.

The other undocumented RAT called LookBack was found by the Proofpoint Threat Insight Team researchers while being delivered via a spear-phishing campaign that targeted three U.S. entities from the utility sector.

Related Posts:

  • No Related Posts

Ransomware Protection Software Market: Global Macroeconomic Environment Analysis, Outlook …

“Ransomware Protection Software Market” report provides in depth analysis of Market Trends, Market … Microsoft; Sophos; Intel Security; Symantec; Kaspersky Lab; Malwarebytes; Avast Software; Cisco System; Palo Alto Networks …
  • For More Information or Query or Customization Before Buying, Visit at

    Through the statistical analysis, the Ransomware Protection Software Market report depicts the global and Chinese total market of Ransomware Protection Software Industry including capacity, production, production value, cost/profit, supply/demand and Chinese import/export. The total market is further divided by company, by country, and by application/type for the competitive landscape analysis.

    Detailed TOC of Global Ransomware Protection Software Market Insights, Forecast to 2025

    1 Report Overview

    1.1 Research Scope

    1.2 Major Manufacturers Covered in This Report

    1.3 Market Segment by Type

    1.4 Market Segment by Application

    2 Global Growth Trends

    2.1 Global Ransomware Protection Software Market Size

    2.1.1 Global Ransomware Protection Software Revenue 2014-2025

    2.1.2 Global Ransomware Protection Software Sales 2014-2025

    2.2 Ransomware Protection Software Growth Rate by Regions

    2.2.1 Global Ransomware Protection Software Sales by Regions 2014-2019

    2.2.2 Global Ransomware Protection Software Revenue by Regions 2014-2019

    2.3 Industry Trends

    2.3.1 Market Top Trends

    2.3.2 Market Drivers

    3 Market Share by Manufacturers

    3.1 Ransomware Protection Software Sales by Manufacturers

    3.1.1 Ransomware Protection Software Sales by Manufacturers 2014-2019

    3.1.2 Ransomware Protection Software Sales Market Share by Manufacturers 2014-2019

    3.2 Revenue by Manufacturers

    3.2.1 Ransomware Protection Software Revenue by Manufacturers (2014-2019)

    3.2.2 Ransomware Protection Software Revenue Share by Manufacturers (2014-2019)

    3.2.3 Global Ransomware Protection Software Market Concentration Ratio (CR5 and HHI)

    3.3 Ransomware Protection Software Price by Manufacturers

    3.4 Key Manufacturers Ransomware Protection Software Plants/Factories Distribution and Area Served

    3.5 Date of Key Manufacturers Enter into Ransomware Protection Software Market

    3.6 Key Manufacturers Ransomware Protection Software Product Offered

    3.7 Mergers & Acquisitions, Expansion Plans

    4 Market Size by Type

    4.1 Sales and Revenue for Each Type

    4.2 Global Ransomware Protection Software Sales Market Share by Type

    4.3 Global Ransomware Protection Software Revenue Market Share by Type

    4.4 Ransomware Protection Software Price by Type

    5 Market Size by Application

    5.1 Overview

    5.2 Global Ransomware Protection Software Sales by Application


    Purchase This Report (Price 3900 USD for a Single-User License) –

    Contact Us:

    Name: Ajay More

    Phone: US +1424 253 0807 / UK +44 203 239 8187

    Email: [email protected]

    In the end, the Ransomware Protection Software Market report makes some important proposals for a new project of Ransomware Protection Software Industry before evaluating its feasibility. Overall, the report provides an in-depth insight of 2014-2025 Global and Chinese Ransomware Protection Software Market covering all important parameters.

    Our Other Reports:

    Idiopathic Pulmonary Fibrosis Industry Forecast to 2023 with Global Key Companies Profile, Supply, Demand, Cost Structure

    Global Stroke Management Market Share, Growth, Trend Analysis and Forecast from 2019-2025; Consumption Capacity by Volume and Production Value

    Global Faucets Market Size 2019: Research Methodology, Top Manufactures and Market Size Estimate 2025

    Propellers Market 2019 Global Overview, Latest Technologies, Business Strategy, Key Vendors, Segments, Demands, Growth Factors, Size, Share by Forecast to 2023

  • Related Posts:

    Global Ransomware Protection Software Market: Technology, Future Trends, Market Opportunities …

    Ransomware Protection Software Market Research Report offered by … Microsoft, Sophos, Intel Security, Symantec, Kaspersky Lab, Malwarebytes, …

    Ransomware Protection Software Market Research Report offered by Acquire market research provides a detailed study on the industrial development of the market under the forecast period 2019-2023. The Global Ransomware Protection Software market Industry Report gives a piece of elaborate information about the market size, share and analyzes the complete value chain the report also covers the market dynamics enriching business strategists with quality data about the Ransomware Protection Software market. The Global Ransomware Protection Software Market report highlights the current market scope, business refreshes, advertising models, and research apparatuses.

    Request for sample [email protected]

    Global Ransomware Protection Software market size will reach xx million US$ by 2023, from xx million US$ in 2017, at a CAGR of xx% during the forecast period. In this study, 2017 has been considered as the base year and 2018-2023 as the forecast period to estimate the market size for Car Wax

    Geographically, this report is split into some important regions, together with production, consumption, revenue (USD), along with a market share in those regions, by 2013 to 2023, covering:

    North America (U.S., Canada, Mexico), Europe (Germany, U.K., France, Italy, Russia, Spain, etc.), Asia-Pacific (China, India, Japan, Southeast Asia, etc.), South America (Brazil, Argentina, etc.), Middle East & Africa (Saudi Arabia, South Africa, etc.)

    The following manufacturers are covered :

    Microsoft, Sophos, Intel Security, Symantec, Kaspersky Lab, Malwarebytes, Avast Software, Cisco System, Palo Alto Networks, Sentinelone, Zscaler, Acronis International, Minerva Labs, Barracuda Networks

    The following Types are covered :

    Software, Solutions

    Applications covered in the report (Market Size & Forecast, Different Market Demands by Region, Main Consumer Profile, etc.

    Web Protection, Endpoint Protection, Database Protection, Others,.

    Click here for [email protected]

    Ransomware Protection Software Market
    Ransomware Protection Software Market

    In addition, this report discusses the key drivers influencing market growth, opportunities, the challenges and the risks faced by key manufacturers and the market as a whole. It also analyzes key emerging trends and their impact on present and future development.

    The study objectives are:

    To analyze and research the global Ransomware Protection Software status and future forecast, involving, production, revenue, consumption, historical and forecast.

    To present the key Ransomware Protection Software manufacturers, production, revenue, market share, SWOT analysis, and development plans in the next few years.

    To segment the breakdown data by regions, type, manufacturers, and applications.

    To analyze the global and key regions market potential and advantage, opportunity and challenge, restraints, and risks.

    To identify significant trends, drivers, influence factors in global and regions.

    To strategically analyze each submarket with respect to individual growth trend and their contribution to the market.

    To analyze competitive developments such as expansions, agreements, new product launches, and acquisitions in the market.

    For more details for this report [email protected]

    About Acquire Market Reports:

    Acquire Market Research is an upscale platform to help key personnel in the business world in strategizing and taking visionary decisions based on facts and figures derived from in-depth market research. We are one of the top report resellers in the market, dedicated to bringing you an ingenious concoction of data parameters.

    Contact Us at:

    555 Madison Avenue,

    5th Floor, Manhattan,

    New York, 10022 USA

    Phone No.: +1 (800) 663-5579

    Related Posts:

    • No Related Posts

    Growth of Ransomware Protection Software Market has been derived from the growing CAGR …

    Industrial Forecasts on Ransomware Protection Software Industry: This … Symantec , Kaspersky Lab , Malwarebytes , Avast Software , Cisco System …

    According to Latest Research on Ransomware Protection Software Market:

    Industrial Forecasts on Ransomware Protection Software Industry: This Ransomware Protection Software Market report provides a detailed analysis of worldwide Ransomware Protection Software Market provides extensive Industry with grow significant CAGR during forecast 2019-2023 by top Key manufacturers analysis, region, Types, and Market segment by Applications. This Ransomware Protection Software market research report is conducted to understand the current landscape of the Global market, especially in 2019.

    The Global Ransomware Protection Software Market gives us an in-depth overview of the research trends for the Financial Year 2019. This Report studies the Ransomware Protection Software industry on various parameters such as the raw materials, cost, and technology and consumer preference. It also provides with important Ransomware Protection Software market credentials such as the history, various development and trends, trade overview, regional markets, trade and also market competitors.

    Get Access to the Report Sample here@:

    Major Key Players of the Ransomware Protection Software Market are:

    , Microsoft , Sophos , Intel Security , Symantec , Kaspersky Lab , Malwarebytes , Avast Software , Cisco System , Palo Alto Networks , Sentinelone , Zscaler , Acronis International , Minerva Labs , Barracuda Networks , ,

    Major Types of Ransomware Protection Software covered are:

    Software, Solution , ,

    Major Applications of Ransomware Protection Software covered are:

    (Web Protection, Endpoint Protection, Database Protection, Others, )

    To get this report at a profitable rate @

    Regional Ransomware Protection Software Market (Regional Output, Demand & Forecast by Countries):-

    North America (United States, Canada, Mexico)

    South America ( Brazil, Argentina, Ecuador, Chile)

    Asia Pacific (China, Japan, India, Korea)

    Europe (Germany, UK, France, Italy)

    Middle East Africa (Egypt, Turkey, Saudi Arabia, Iran) And More.

    The research report studies the historical, present, and future performance of the global market. The report further evaluates the present competitive landscape, prevalent business models, and the likely advancements in offerings by significant players in the coming years.

    What are the market factors that are explained in the report?

    1 . Market dynamics: The Ransomware Protection Software report also shows the scope of the various commercial possibilities over the upcoming years and the positive revenue forecasts for the upcoming years. It also studies the key markets and the mentions the various regions i.e. the geographical spread of the industry.

    2. Competitive Market Share: The report offers an entire evaluation of the marketplace. It does so through in-intensity qualitative insights, recorded insights, and future projections. The projections included in the report had been founded employing established research assumptions and methodologies. With the aid of doing so, the Ransomware Protection Software Market research report fills in as a storehouse of assessment and records for every aspect of the marketplace, comprising yet not limited to provincial markets, product type, application, end-users, and industry verticals.

    3. The Goal Of The Report:The main goal of this research study is to provide a clear picture and a better understanding of the market for research report to the manufacturers, suppliers, and the distributors operational in it. The readers can gain a deep insight into this market from this piece of information that can enable them to formulate and develop critical strategies for the further expansion of their businesses.

    4. Feature of the report:

    The report studies the key factors affecting the market.

    The various opportunities in the market.

    To analyse the market size of the market and infer the key trends from it.

    To inspect the market based on product, market share and size of the product share.

    To analyse based on end-users and applications and focus on the growth rate of each application.

    View Full Report Description with TOC:

    Reasons to Purchase Ransomware Protection Software Market Report:

    1. Current and future of Ransomware Protection Software market outlook in the developed and emerging markets.

    2. Analysis of various perspectives of the market with the help of Porter’s five forces analysis.

    3. The segment that is expected to dominate the Ransomware Protection Software market.

    4. Regions that are expected to witness the fastest growth during the forecast period.

    5. Identify the latest developments, Ransomware Protection Software market shares, and strategies employed by the major market players.

    Besides, the market study affirms the leading players across the globe in the Ransomware Protection Software market. Their key marketing dispositions and advertising enterprise have been highlighted to offer a clear understanding of the Ransomware Protection Software market.

    Contact Us:

    Mr. Kevin Thomas


    +1 513 549 5911 (US)

    +44 203 318 2846 (UK)“””

    Post Views: 42

    Related Posts:

    • No Related Posts