RisePro is an information-stealing malware that was first discovered in mid-December 2022. The earliest log recording from this malware, as of the time of this writing, was December 12th, 2022. The logs found were posted to Russian Market, which is a log shop that is like other markets, such as Genesis. There appeared to be multiple thousands of logs posted [2]. RisePro appears to be written in C++ and acts similarly to the “Vidar” malware. According to a Joe Sandbox analysis, RisePro exhib
privateloader (2)
Cyber threat actors are introducing new services to expand their “Client” base. The Pay-per-Install (PPI) distribution model is based on revenue sharing and commissions. The PPI model was initially used to distribute advertisements but is has transitioned to install malware. Malware authors do not have the resources or bandwidth to spread their malware on a large scale. Instead they can rely on a network of affiliates, who distribute the malware, and in return get paid a commission for every
