LaZagne

LaZagne is an open-source project designed to help users retrieve passwords for various software programs they may have forgotten. LaZagne is capable of obtaining passwords from Windows and Linux systems and has limited functionality even on Mac OS devices. While the application's intended purpose may have nothing nefarious about it, open-source projects such as this one can be appropriated and abused by threat actors to serve their evil-minded purposes easily.

Indeed, LaZagne has been observed to be deployed as a post-exploitation payload deployed by Remote Access Trojan (RAT) threats. Certain sections of LaZagne's underlying code have also been taken and implemented as part of the Qealler Malware infostealer.

When deployed on a computer, the application can retrieve passwords from 25 different browsers on Windows systems and ten on Linux. For Mac devices, only Chrome and Firefox can be affected. As a whole, though, the range of software passwords that can be harvested by LaZagne encompasses messaging applications such as Skype, several database types, e-mail services, Sysadmin, internal mechanism storage and Wi-Fi. All found credentials can be stored in a text of JSON files. The application offers some customizability, with users having to option to start individual modules or simply run the 'All' module and then search for the desired password manually.

For LaZagne to fully execute its abilities, it must be given full system rights. On Mac systems, the application needs to know the user password. For that purpose, it is equipped with an interactive module capable of generating a dialog box until the user inputs the right password.

Having unrestricted access to the code of LaZagne allows hackers to take any parts they like and adapt them to function alongside their malware creations easily.