
REDLINE malware

REDLINE: The malware that hides in your downloads

Released in 2020, REDLINE is malware that aims to steal your personal data.

Found mostly in software cracks, REDLINE can also be hidden in PDF files, archives (ZIP and RAR) and any other kind of document.

The main objective of this malware is to steal the personal data of infected users: credentials stored in browsers or third-party applications, bank details, browser cookies, text files, screenshots and even cryptocurrency wallets. In some cases, the collected data ends up on the Internet.

REDLINE is often accompanied by other malware, either as the source of the infection or as part of a malware bundle inside a malicious file. It can also serve as a gateway, giving attackers remote control and allowing them to deploy further malware such as ransomware, trojans or cryptocurrency miners.

To give you an idea, here is an example of an attack, step by step:

  1. Downloading the software
  2. Executing the downloaded software
  3. Running the malware in the background
  4. Collecting data with the malware
  5. Sending the data to a remote server

A user downloads a video game over a peer-to-peer network; the download, however, contains a version of the REDLINE malware. When the game is installed, the malware runs in the background and begins collecting system information. Once collection is complete, the malware sends the information to a remote server, where the attacker retrieves it.

To avoid this situation, we recommend that you take the following preventive actions into consideration:

  • Verify the origin of files before running them on a workstation
  • Limit the use of business data on a computer used for personal purposes
  • Prohibit the storage of login credentials, or any other sensitive data, in browsers
  • Enable multi-factor authentication wherever possible
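One way to enforce the third recommendation on managed Windows workstations, as an added example that is not part of the original article: the script sets the browser password-manager policy to disabled for Chrome and Edge and then audits the result. The `PasswordManagerEnabled` policy and its registry locations are the browsers' published ones; the function names are mine, and the script assumes an elevated PowerShell prompt.

```powershell
# Added example (not from the original article): enforce "no credentials stored
# in browsers" through the Chrome and Edge PasswordManagerEnabled policy and
# report whether each browser is now covered. Run from an elevated prompt.

$BrowserPolicies = @(
    @{ Name = 'Google Chrome';  Path = 'HKLM:\SOFTWARE\Policies\Google\Chrome' },
    @{ Name = 'Microsoft Edge'; Path = 'HKLM:\SOFTWARE\Policies\Microsoft\Edge' }
)

function Set-BrowserPasswordManagerPolicy {
    # Function name is mine. PasswordManagerEnabled = 0 turns off the built-in
    # password manager, so users cannot save credentials in the browser,
    # which is the data the article says REDLINE collects.
    foreach ($p in $BrowserPolicies) {
        if (-not (Test-Path $p.Path)) {
            New-Item -Path $p.Path -Force | Out-Null
        }
        New-ItemProperty -Path $p.Path -Name 'PasswordManagerEnabled' `
            -PropertyType DWord -Value 0 -Force | Out-Null
    }
}

function Test-BrowserPasswordManagerPolicy {
    # Function name is mine. Returns one object per browser; "Enforced" is
    # true only when the policy exists and is set to 0. A missing value means
    # the browser falls back to its default, which allows saving passwords.
    foreach ($p in $BrowserPolicies) {
        $value = (Get-ItemProperty -Path $p.Path -Name 'PasswordManagerEnabled' `
            -ErrorAction SilentlyContinue).PasswordManagerEnabled
        [pscustomobject]@{
            Browser  = $p.Name
            Enforced = ($value -eq 0)
            Value    = if ($null -eq $value) { 'not set (default: enabled)' } else { $value }
        }
    }
}

Set-BrowserPasswordManagerPolicy
Test-BrowserPasswordManagerPolicy | Format-Table -AutoSize
```

Users must restart the browser for the policy to take effect; existing saved passwords are not removed by the policy and should be cleared separately.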

And never forget: when you download illegal software for free, you will pay for this “freebie” with your personal data.

Always be vigilant.

Glossary:

Malware: A general term for malicious software.

Crack: An executable program that modifies a paid program so that it can be used for free.

Ransomware: Malicious extortion software that takes data hostage and demands a ransom in exchange.

Trojan: Software that appears legitimate at first glance but contains malicious features.

(Source: app.any)