Verblecon malware loader used in stealthy crypto mining attacks

2022-03-29 10:41

Security researchers are warning of a relatively new malware loader, that they track as Verblecon, which is sufficiently complex and powerful for rannsomware and erespionage attacks, although it is currently used for low-reward attacks.

Researchers from Symantec, a division of Broadcom Software, discovered Verblecon in January last year and observed it being used in attacks that installed cryptocurrency miners on compromised machines.

A look at five Verblecon samples that the researchers analyzed shows that many of the antivirus engines on VirusTotal do not flag them as malicious.

Tk/. The DGA used is based on the current time and date and includes the string "Verble" as a suffix, which is where the malware name comes from.

The researchers say that the end goal of whoever is behind Verblecon deployments is to install cryptocurrency mining software, which is not in tune with the effort required to develop malware of such sophistication.

The researchers believe that Verblecon is currently used by an actor that does not recognize the full damaging potential of this malware loader.

News URL

https://www.bleepingcomputer.com/news/security/verblecon-malware-loader-used-in-stealthy-crypto-mining-attacks/

#attack #crypto #cryptomining #malware #mining

News URL

Related news