Did REvil just acquire source code for the KPot stealer?

Cyjax notes:

The source code for the KPot stealer has been auctioned off, with a representative of the REvil ransomware group being the sole public bidder.

KPot first appeared in the darknet in mid-2018 as a Malware-as-a-Service (MaaS). Its functionality included:

Collect passwords, cookies, browsing history and autofill forms from Chrome, Firefox and Edge

Collect data on all RDP files stored in the infected machine

Collect general system information, including IP address, username and installed software


About the author: Dissent

