PurpleWave: Information-stealing program from Russia

Infostealers are among cybercriminals' most profitable tools, because the information gathered from systems infected with this malware can be sold to underground cybercriminals or used in credential stuffing attacks.

The Zscaler ThreatLabZ team came across a new infostealer, PurpleWave, which is written in C++ and installs itself silently and automatically on the user's system.

It connects to a command and control (C&C) server to send system information and install new malware on the infected system.

The author of the malware sells PurpleWave on Russian cybercrime forums for 5,000 RUB (US$54) with lifetime updates.

The developer who sells PurpleWave says that the stealer will take passwords, cookies, cards and autofill data from Chromium and Firefox browsers. The stealer will also collect files, take screenshots, and install other modules from the specified path.