Alias Description | Votes |
---|---|
Redline Stealer is a possible alias for Redline. RedLine Stealer is a type of malware, or malicious software, that infiltrates computer systems with the intent to exploit and cause damage. It typically gains access through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside the system, it can steal personal i | 11 |
Azorult is a possible alias for Redline. Azorult is a type of malware, or malicious software, that infiltrates systems to exploit and damage them, often without the user's knowledge. It has historically been one of the favored infostealers sold on the marketplace 2easy, alongside RedLine, Raccoon, Vidar, and Taurus. However, as of late Feb | 5 |
Alias Description | Association Type | Votes |
---|---|---|
The Vidar Malware is associated with Redline. Vidar is a Windows-based malware, written in C++, that primarily functions as an infostealer. It is based on the Arkei stealer and typically targets various types of data, using the ACR Stealer as an exfiltration module. However, in a unique twist, Vidar downloads the ACR stealer instead of stealing | Unspecified | 12 |
The Raccoon Malware is associated with Redline. Raccoon is a malicious software (malware) developed by Russian-speaking coders, first spotted in April 2019. It was designed to steal sensitive data such as credit card information, email credentials, cryptocurrency wallets, and more from its victims. The malware is offered as a service (MaaS) for $ | Unspecified | 8 |
The Agenttesla Malware is associated with Redline. AgentTesla is a well-known remote access trojan (RAT) that has been used extensively in cybercrime operations. It infiltrates systems through various methods, including malicious emails and suspicious downloads. Once inside, it can steal personal information, disrupt operations, or hold data hostage | Unspecified | 5 |
The Batloader Malware is associated with Redline. Batloader is a malware downloader posing as installers or updates for legitimate applications such as Microsoft Teams, Zoom, and others. This malicious software can infiltrate systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside, it can steal personal | Unspecified | 5 |
The Lumma Stealer Malware is associated with Redline. Lumma Stealer is a highly sophisticated malware variant known for its extensive data-harvesting capabilities. It is designed to steal sensitive information such as passwords, card details, cryptocurrency wallets, and browser session cookies from infected devices. Lumma Stealer employs a DLL side-loa | Unspecified | 4 |
The QakBot Malware is associated with Redline. Qakbot is a potent piece of malware, or malicious software, that infiltrates computer systems through suspicious downloads, emails, or websites. Once installed, it can steal personal information, disrupt operations, or even hold data hostage for ransom. This malware, built by various groups includin | Unspecified | 4 |
The Amadey Malware is associated with Redline. Amadey is a form of malware, a malicious software designed to exploit and damage computer systems. This particular malware is distributed via the Amadey loader, which can be disseminated through phishing emails or downloads from compromised sites. It has been observed that the individual behind the | Unspecified | 4 |
The NanoCore Malware is associated with Redline. NanoCore is a notorious Remote Access Trojan (RAT) first discovered in 2013. It targets Windows operating system users and operates by opening a backdoor on an infected computer to steal information. NanoCore has maintained a top five position for six consecutive months, taking the third spot in Dec | Unspecified | 4 |
The Risepro Malware is associated with Redline. RisePro is a type of malware, specifically an info-stealer, designed to infiltrate and damage computer systems. It operates by exploiting vulnerabilities in a device, often through suspicious downloads, emails, or websites, typically without the user's knowledge. Once inside, RisePro can disrupt ope | Unspecified | 4 |
The Lumma Malware is associated with Redline. Lumma Stealer, a Malware-as-a-Service (MaaS), has emerged as a significant cybersecurity threat. It is commonly used by threat actors to steal sensitive information such as passwords and crypto-wallet data. In the latest attack chain detailed by Qualys researchers, Lumma Stealer uses malicious CAPTC | Unspecified | 4 |
The Mars Malware is associated with Redline. Mars is a malicious software (malware) that has been discovered by the Trend Micro Mobile Application Reputation Service (MARS) team. This malware, related to other known threats like Vidar and Redline, has been involved in cryptocurrency-mining and financially-motivated scam campaigns targeting And | Unspecified | 3 |
The Lummac2 Malware is associated with Redline. LummaC2 is a dynamic malware strain, first identified in Russian-speaking forums in 2022. It's written in C and distributed as Malware-as-a-Service (MaaS). The malware has been actively exploiting PowerShell commands to infiltrate systems and exfiltrate sensitive data. In 2023, LummaC2's use expande | Unspecified | 3 |
The Darkgate Malware is associated with Redline. DarkGate is a multifunctional malware that poses significant threats to computer systems and networks. It has been associated with various malicious activities such as information theft, credential stealing, cryptocurrency theft, and ransomware delivery. DarkGate infiltrates systems through suspicio | Unspecified | 3 |
The njRAT Malware is associated with Redline. NjRAT is a remote-access Trojan (RAT) that has been in use since 2013, often deployed in both criminal and targeted attacks. This malware can infiltrate systems via suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside a system, NjRAT can steal personal information, d | Unspecified | 2 |
The Lockbit Malware is associated with Redline. LockBit is a type of malware, specifically ransomware, that infiltrates systems to exploit and damage them. It typically enters through suspicious downloads, emails, or websites without the user's knowledge. Once inside, it can steal personal information, disrupt operations, or hold data hostage for | Unspecified | 2 |
The Scrubcrypt Malware is associated with Redline. ScrubCrypt is a sophisticated malware that has been used as a delivery mechanism for other malicious software, notably VenomRAT. The malware operates by exploiting systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once inside the system, ScrubCrypt can disrupt | Unspecified | 2 |
The Xworm Malware is associated with Redline. XWorm is a sophisticated piece of malware designed to infiltrate and exploit computer systems, often without the user's knowledge. It can be delivered through various means such as suspicious downloads, emails, or websites, and once inside a system, it can steal personal information, disrupt operati | Unspecified | 2 |
The Stealc Malware is associated with Redline. StealC is a pernicious malware that specifically targets browser extensions and authenticators by password managers. It came to the forefront following a significant attack on the Solana blockchain in 2023, which resulted in a $7 million heist due to a related malware called Luca Stealer. The StealC | Unspecified | 2 |
The Agent Tesla Malware is associated with Redline. Agent Tesla is a well-known malware that primarily targets systems through phishing attacks, exploiting an outdated Microsoft Office vulnerability (CVE-2017-11882). This malicious software is designed to infiltrate computer systems, often without the user's knowledge, and can steal personal informat | Unspecified | 2 |
The Formbook Malware is associated with Redline. Formbook is a type of malware, malicious software designed to exploit and damage computer systems. It infects systems through suspicious downloads, emails, or websites and can steal personal information, disrupt operations, or hold data hostage for ransom. Formbook has been linked with other forms o | Unspecified | 2 |
The NETWIRE Malware is associated with Redline. NetWire is a type of malware, specifically a remote access trojan (RAT), that has been utilized for various malicious activities since at least 2014. Initially promoted as a legitimate tool for managing Windows computers remotely, NetWire was quickly adopted by cybercriminals and used in phishing at | Unspecified | 2 |
The Rhadamanthys Malware is associated with Redline. Rhadamanthys is a sophisticated malware that has been used by the threat actor TA547 to target German organizations. This malicious software, designed to exploit and damage computer systems, infiltrates devices through suspicious downloads, emails, or websites, often unbeknownst to the user. Once em | Unspecified | 2 |
The Raccoon Stealer Malware is associated with Redline. Raccoon Stealer, a malware-as-a-service (MaaS) operation, emerged in 2019, designed by Russian-speaking developers to steal victims' sensitive data such as credit card information, email credentials, and cryptocurrency wallets. The malware was initially promoted exclusively on Russian-speaking hacki | Unspecified | 2 |
The Lobshot Malware is associated with Redline. Lobshot is a stealthy remote access malware that has been used by cybercriminals, notably Russian threat actors, in various malicious campaigns. It was featured alongside other well-known malware samples like DarkGate infostealer, Ducktail, and Redline in deceptive campaigns where it was embedded in | Unspecified | 2 |
The malware Avemaria/warzonerat is associated with Redline. | Unspecified | 2 |
The Ducktail Malware is associated with Redline. "Ducktail" is a malicious software (malware) first observed in 2022, specifically designed to target Facebook business accounts. The malware was discovered by Zscaler, a leading cybersecurity firm, and it's suspected to originate from threat actors based in Vietnam. Ducktail not only infiltrates sys | Unspecified | 2 |
The Lokibot Malware is associated with Redline. LokiBot is a malicious software, or malware, that was first reported on October 24, 2020. It is designed to exploit and damage computer systems by infiltrating them through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, LokiBot steals personal information | Unspecified | 2 |
The Dotrunpex Malware is associated with Redline. DotRunpeX is a rapidly evolving and highly stealthy .NET injector malware that has gained significant attention from both security analysts and threat actors. It employs the "Process Hollowing" method to distribute a wide variety of other malware strains, including AgentTesla, ArrowRAT, AsyncRat, Av | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Lapsus Group Threat Actor is associated with Redline. The Lapsus Group, identified as a threat actor originating from North Korea, has been involved in various cybercriminal activities, primarily focusing on cryptocurrency theft. This group is known for its use of sophisticated tools such as RedLine and QakBot, which have been instrumental in their ope | Unspecified | 2 |
Preview | Source Link | CreatedAt | Title |
---|---|---|---|
DARKReading | 22 days ago | ||
BankInfoSecurity | 22 days ago | ||
DARKReading | a month ago | ||
Recorded Future | a month ago | ||
SANS ISC | 2 months ago | ||
Checkpoint | 3 months ago | ||
Checkpoint | 3 months ago | ||
ESET | 4 months ago | ||
DARKReading | 4 months ago | ||
Checkpoint | 5 months ago | ||
DARKReading | 5 months ago | ||
Securityaffairs | 5 months ago | ||
DARKReading | 5 months ago | ||
CERT-EU | 7 months ago | ||
InfoSecurity-magazine | 7 months ago | ||
CERT-EU | 8 months ago | ||
InfoSecurity-magazine | 2 years ago | ||
CERT-EU | 8 months ago | ||
CERT-EU | 8 months ago | ||
BankInfoSecurity | 8 months ago |