Stealthy Malware Flies Under AV Radar with Advanced Obfuscation

Discussion in 'malware problems & news' started by mood, Nov 15, 2019.

  1. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    37,872
    Stealthy Malware Flies Under AV Radar with Advanced Obfuscation
    November 15, 2019
    https://threatpost.com/malware-steals-info-with-advanced-obfuscation/150280/
    Cisco Talos: Custom dropper hide and seek
     
  2. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    37,872
    Advanced Obfuscation Marks Widespread Info-Stealing Campaign
    January 31, 2020
    https://threatpost.com/advanced-obfuscation-info-stealing-campaign/152468/
    Lastline: Threat Research Report: Infostealers and self-compiling droppers set loose by an unusual spam campaign
     
  3. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,376
    Location:
    U.S.A.
    Surprised there are no comments on this bugger. One very nasty piece of malware. Also I couldn't think of a better example for keeping macros permanently disabled on all Office apps.
     
  4. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    37,872
    AZORult Campaign Adopts Novel Triple-Encryption Technique
    ...malspam campaign that uses three levels of encryption to sneak past cyber defenses
    February 3, 2020

    https://threatpost.com/azorult-campaign-encryption-technique/152508/
     
  5. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,071
    Location:
    The Netherlands
    Why? Seems like the same old stuff to me; with a locked-down powershell.exe, you could stop this. Or are you talking about certain malware techniques?
     
  6. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    37,872
    Evolution of malware obfuscation poses security concerns
    March 19, 2020
    https://www.scmagazineuk.com/evolution-malware-obfuscation-poses-security-concerns/article/1677639
     
  7. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    37,872
    Blackrota Golang Backdoor Packs Heavy Obfuscation Punch
    Blackrota is targeting a security bug in Docker, but is nearly impossible to reverse-analyze
    November 24, 2020

    https://threatpost.com/blackrota-golang-backdoor-obfuscation/161544/
    Qihoo 360 Netlab: Blackrota, a heavily obfuscated backdoor written in Go
     