
New Ficker Infostealer Uses Fake Spotify Ads to Propagate

A new nefarious information stealer has been detected in the wild. Dubbed Ficker and detected by the BlackBerry Research & Intelligence Team, the infostealer is sold and distributed on Russian underground forums by a hacker known as @ficker. The malware was first spotted in the wild in the middle of 2020.

How Is Ficker Infostealer Distributed?

The threat uses the malware-as-a-service model. In terms of propagation, Ficker utilizes trojanized web links and compromised websites, redirecting potential victims to pages offering free downloads of legitimate paid services like Spotify and YouTube Premium. In addition to these luring techniques, the malware also uses the well-known Hancitor malware downloader on infected systems.

It is worth mentioning that Ficker is coded in the Rust programming language, which is a “multi-paradigm, high-level, general-purpose programming language designed for performance and safety, especially safe concurrency.”

What’s the Purpose of Ficker Infostealer?

The main goal of the malware is to steal various types of personal details related to the victim’s web browsers, credit card information, crypto wallets, FTP clients, and various applications. The threat is also capable of anti-analysis checks, and can deploy further functionality to download additional malware once the system is breached, BlackBerry researchers said in their report.

This is not the only infostealer detected in active campaigns in the wild.

Security researchers from Sophos Labs recently tracked a new campaign distributing the well-known Raccoon infostealer. The malware, which is run on an as-a-service basis by its developers, has been updated with new tactics, techniques and procedures to steal critical information from its targets. The information Raccoon steals can be uploaded for sale in criminal marketplaces or used by cybercriminals for other purposes.

The malware is neither sophisticated nor innovative, yet its malware-as-a-service (MaaS) model gives cybercriminals a quick-and-easy method to make money by compromising sensitive user details.

Milena Dimitrova
