RisePro, a known data-stealing malware, is being disseminated through the pay-per-install (PPI) malware downloader service known as PrivateLoader. On December 13, 2022, Flashpoint uncovered “many sets of logs” that had been exfiltrated using the malware on the Russian Market black market for illicit cybercrime, which led them to identify the recently discovered stealer.
RisePro, a C++-based malware, is claimed to be comparable to the information-stealing malware known as Vidar Stealer, which is a branch of the stealer codenamed Arkei that first surfaced in 2018.