Security News > 2022 > March > Verblecon malware loader used in stealthy crypto mining attacks
Security researchers are warning of a relatively new malware loader, that they track as Verblecon, which is sufficiently complex and powerful for rannsomware and erespionage attacks, although it is currently used for low-reward attacks.
Researchers from Symantec, a division of Broadcom Software, discovered Verblecon in January last year and observed it being used in attacks that installed cryptocurrency miners on compromised machines.
A look at five Verblecon samples that the researchers analyzed shows that many of the antivirus engines on VirusTotal do not flag them as malicious.
Tk/. The DGA used is based on the current time and date and includes the string "Verble" as a suffix, which is where the malware name comes from.
The researchers say that the end goal of whoever is behind Verblecon deployments is to install cryptocurrency mining software, which is not in tune with the effort required to develop malware of such sophistication.
The researchers believe that Verblecon is currently used by an actor that does not recognize the full damaging potential of this malware loader.
News URL
Related news
- Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack (source)
- Crypto companies are losing ground to deepfake attacks (source)
- New DroidBot Android malware targets 77 banking, crypto apps (source)
- Crypto-stealing malware posing as a meeting app targets Web3 pros (source)
- Windows, macOS users targeted with crypto-and-info-stealing malware (source)
- New IOCONTROL malware used in critical infrastructure attacks (source)
- FBI spots HiatusRAT malware attacks targeting web cameras, DVRs (source)
- Malware botnets exploit outdated D-Link routers in recent attacks (source)
- Ivanti zero-day attacks infected devices with custom malware (source)
- New Web3 attack exploits transaction simulations to steal crypto (source)