MassLogger

The MassLogger threat is a reconnaissance tool that can go a long way in extracting data from targeted hosts. The main goal of the MassLogger threat is to collect keystrokes from its targets. Apart from deploying a keylogging module, the MassLogger malware is capable of collecting other information as well. The MassLogger threat is able to collect files and logs from:

• FTP (File Transfer Protocol) clients (for example FileZilla).
• VPN (Virtual Private Network) clients.
• Web browsers (for example Google Chrome, Mozilla Firefox, Opera, Yandex, etc.).
• Several email clients.
• Instant messaging services (for example, Telegram, Discord, Pidgin, QQ, etc.).

This Week In Malware Episode 42 Part 1: MassLogger Keylogger Malware Fileless Attack Steals Microsoft & Discord Passwords

The MassLogger malware appears to be sold as a product online. This is known as ‘malware-as-a-commodity.’ Many cyber crooks who create custom-built threats opt to offer them as a commodity online instead of using them themselves. This helps them generate cash easily without risking exposing their identities or getting in trouble. The MassLogger malware appears to be used by various, different threat actors. The group selling licenses for the MassLogger threat goes by the username ‘NYANxCAT.’ The licenses for this hacking tool are sold on a platform called vSell. There are different plans offered for the MassLogger threat, with the cheapest one starting at $25. Having in mind the low starting price, it is likely that many cyber crooks have taken advantage of the offer.

This Week In Malware Ep 11: "Mass-Logger" Malware Evolves In Proliferation of Keylogger Threats

The MassLogger malware appears to incorporate a feature named ‘USB spread.’ It is likely that this feature enables the MassLogger threat to copy itself onto USB flash drives that are connected to a compromised system. This would allow the MassLogger malware to infect other systems to which the compromised USB drive connects to.

This Week In Malware Ep 11: "Mass-Logger" Malware Evolves In Proliferation of Keylogger Threats

The propagation methods used in the spreading of the MassLogger malware are likely to vary since this tool is distributed by various, different threat actors. Be sure to protect your system by installing a legitimate, modern anti-spyware solution.