The pay-per-install (PPI) malware downloader service known as PrivateLoader is being used to distribute a previously documented information-stealing malware dubbed RisePro.
Flashpoint spotted the newly identified stealer on December 13, 2022, after it discovered “several sets of logs” exfiltrated using the malware on an illicit cybercrime marketplace called Russian Market.
A C++-based malware,