ViperSoftX InfoStealer Adopts Sophisticated Techniques to Avoid Detection

A significant number of victims in the consumer and enterprise sectors located across Australia, Japan, the U.S., and India have been affected by an evasive information-stealing malware called ViperSoftX. ViperSoftX was first documented in 2020, with cybersecurity company Avast detailing a campaign in November 2022 that leveraged the malware to distribute a malicious Google Chrome extension capable of siphoning cryptocurrencies from wallet applications.
Now a new analysis from Trend Micro has revealed the malware's adoption of "more sophisticated encryption and basic anti-analysis techniques, such as byte remapping and web browser communication blocking."
The arrival vector of ViperSoftX is typically a software crack or a key generator, and it also uses actual non-malicious software such as multimedia editors and system cleaner apps as "carriers."
One of the key steps performed by the malware before downloading a first-stage PowerShell loader is a series of anti-virtual machine, anti-monitoring, and anti-malware checks.
As mitigations, it's advised that users download software only from official platforms and sources, and avoid downloading illegal software.
"The cybercriminals behind ViperSoftX are also skilled enough to execute a seamless chain for malware execution while staying under the radar of authorities by selecting one of the most effective methods for delivering malware to consumers," Ovid Ladores added.
News URL
https://thehackernews.com/2023/04/vipersoftx-infostealer-adopts.html