Alert — There's A New Malware Out There Snatching Users' Passwords

2021-04-11 23:51

A previously undocumented malware downloader has been spotted in the wild in phishing attacks to deploy credential stealers and other malicious payloads.

Dubbed "Saint Bot," the malware is said to have first appeared on the scene in January 2021, with indications that it's under active development.

The obfuscation present in each stage of the infection, coupled with the anti-analysis techniques adopted by the malware, allows the malware operators to exploit the devices they were installed on without attracting attention.

While these capabilities may seem very small, the fact that Saint Bot serves as a downloader for other malware makes it dangerous enough.

Interestingly, the payloads themselves are fetched from files hosted on Discord, a tactic that has become increasingly common among threat actors, who are abusing legitimate functions of such platforms for C2 communications, evade security, and deliver malware.

The author seems to have some knowledge of malware design, which is visible by the wide range of techniques used.

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/qp1Nruco_Oc/alert-theres-new-malware-out-there.html

#malware