Security News > 2022 > March > Verblecon malware loader used in stealthy crypto mining attacks
Security researchers are warning of a relatively new malware loader, that they track as Verblecon, which is sufficiently complex and powerful for rannsomware and erespionage attacks, although it is currently used for low-reward attacks.
Researchers from Symantec, a division of Broadcom Software, discovered Verblecon in January last year and observed it being used in attacks that installed cryptocurrency miners on compromised machines.
A look at five Verblecon samples that the researchers analyzed shows that many of the antivirus engines on VirusTotal do not flag them as malicious.
Tk/. The DGA used is based on the current time and date and includes the string "Verble" as a suffix, which is where the malware name comes from.
The researchers say that the end goal of whoever is behind Verblecon deployments is to install cryptocurrency mining software, which is not in tune with the effort required to develop malware of such sophistication.
The researchers believe that Verblecon is currently used by an actor that does not recognize the full damaging potential of this malware loader.
News URL
Related news
- Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack (source)
- LottieFiles hit in npm supply chain attack targeting users' crypto (source)
- LottieFiles hacked in supply chain attack to steal users’ crypto (source)
- LottieFiles supply chain attack exposes users to malicious crypto wallet drainer (source)
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS (source)
- North Korean hackers use new macOS malware against crypto firms (source)
- Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)
- Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations (source)
- Crypto companies are losing ground to deepfake attacks (source)