RedLine Stealer is a highly effective form of malware designed to steal sensitive information from infected systems. It was first discovered in 2018 and can cause significant harm to infected systems and compromise victims' sensitive information, as elaborated herein. RedLine is an evolving piece of malware written in C# that saw notable growth in 2021 and has been disseminated using templates related to the COVID-19 pandemic.
The RedLine infostealer is delivered through stolen games and cracked apps. The malware steals data from browsers, Bitcoin wallets, FileZilla, Discord, Steam, Telegram, and VPN clients. The RedLine sample also collects information about the infected PC, including running processes, antivirus products, installed software, Windows product name, and CPU architecture. The stealer supports the Download, RunPE, DownloadAndEx, OpenLink, and CMD commands. SOAP messages are used to transfer the data exfiltrated from the target system.
Target – MS Windows Platform