YouTube Videos Distributing Aurora Stealer Malware via Highly Evasive Loader
2023-04-18 13:45

Cybersecurity researchers have detailed the inner workings of a highly evasive loader named "In2al5d p3in4er" that's used to deliver the Aurora information stealer malware.

"The in2al5d p3in4er loader is compiled with Embarcadero RAD Studio and targets endpoint workstations using advanced anti-VM technique," cybersecurity firm Morphisec said in a report shared with The Hacker News.

Offered as a commodity malware to other actors, it's distributed through YouTube videos and SEO-poisoned fake cracked software download websites.

In a nutshell, the findings show that the threat actors behind in2al5d p3in4er are leveraging social engineering methods for a high-impact campaign that employs YouTube as a malware distribution channel and directs viewers to convincing-looking fake websites to distribute the stealer malware.

The development comes as Intel 471 unearthed another malware loader, AresLoader, that's marketed for $300/month as a service for criminal actors to push information stealers disguised as popular software using a binder tool.

Some of the prominent malware families spread using AresLoader since January 2023 include Aurora Stealer, Laplas Clipper, Lumma Stealer, Stealc, and SystemBC.


News URL

https://thehackernews.com/2023/04/youtube-videos-distributing-aurora.html