Crypto Hackers Using Babadeda Crypter to Make Their Malware Undetectable
A new malware campaign has been discovered targeting cryptocurrency, non-fungible token, and DeFi aficionados through Discord channels to deploy a crypter named "Babadeda" that's capable of bypassing antivirus solutions and staging a variety of attacks.
"[T]his malware installer has been used in a variety of recent campaigns to deliver information stealers, RATs, and even LockBit ransomware," Morphisec researchers said in a report published this week.
The malware distribution attacks are said to have commenced in May 2021.
Crypters are a type of software used by cybercriminals that can encrypt, obfuscate, and manipulate malicious code so that it appears innocuous and is harder for security programs to detect - a holy grail for malware authors.
Should a victim click a URL embedded within the message, the individual is directed to a phishing domain that is designed to resemble the game's legitimate website and includes a link to a malicious installer containing the Babadeda crypter.
"Once on a victim's machine, masquerading as a known application with a complex obfuscation also means that anyone relying on signature-based malware effectively has no way of knowing Babadeda is on their machine - or of stopping it from executing."
News URL
https://thehackernews.com/2021/11/crypto-hackers-using-babadeda-crypter.html