Security News > 2022 > March > Verblecon malware loader used in stealthy crypto mining attacks
Security researchers are warning of a relatively new malware loader, that they track as Verblecon, which is sufficiently complex and powerful for rannsomware and erespionage attacks, although it is currently used for low-reward attacks.
Researchers from Symantec, a division of Broadcom Software, discovered Verblecon in January last year and observed it being used in attacks that installed cryptocurrency miners on compromised machines.
A look at five Verblecon samples that the researchers analyzed shows that many of the antivirus engines on VirusTotal do not flag them as malicious.
Tk/. The DGA used is based on the current time and date and includes the string "Verble" as a suffix, which is where the malware name comes from.
The researchers say that the end goal of whoever is behind Verblecon deployments is to install cryptocurrency mining software, which is not in tune with the effort required to develop malware of such sophistication.
The researchers believe that Verblecon is currently used by an actor that does not recognize the full damaging potential of this malware loader.
News URL
Related news
- Hackers Exploit Misconfigured YARN, Docker, Confluence, Redis Servers for Crypto Mining (source)
- CISA warns of Microsoft Streaming bug exploited in malware attacks (source)
- Hackers target FCC, crypto firms in advanced Okta phishing attacks (source)
- DarkGate Malware Exploited Recently Patched Microsoft Flaw in Zero-Day Attack (source)
- From Deepfakes to Malware: AI's Expanding Role in Cyber Attacks (source)
- New BunnyLoader Malware Variant Surfaces with Modular Attack Features (source)
- TeamCity Flaw Leads to Surge in Ransomware, Cryptomining, and RAT Attacks (source)
- New GoFetch attack on Apple Silicon CPUs can steal crypto keys (source)
- Over 100 US and EU orgs targeted in StrelaStealer malware attacks (source)
- The Biggest Takeaways from Recent Malware Attacks (source)