
DarkGate Malware Activity Spikes as Developer Rents Out Malware to Affiliates
2023-08-29 14:38

A new malspam campaign has been observed deploying an off-the-shelf malware called DarkGate.

"The current spike in DarkGate malware activity is plausible given the fact that the developer of the malware has recently started to rent out the malware to a limited number of affiliates," Telekom Security said in a report published last week.

The latest report builds on recent findings from security researcher Igal Lytzki, who detailed a "High volume campaign" that leverages hijacked email threads to trick recipients into downloading the malware.

The loader is designed to parse the AutoIt script and extract the encrypted malware sample.

The malware is offered as a subscription priced at $1,000 per day, $15,000 per month, or $100,000 a year, with the author advertising it as the "Ultimate tool for pentesters/redteamers" and claiming that it has "Features that you won't find anywhere." Interestingly, earlier versions of DarkGate also came fitted with a ransomware module.

Phishing attacks are a primary delivery pathway for stealers, trojans, and malware loaders such as KrakenKeylogger, QakBot, Raccoon Stealer, SmokeLoader, and others, with threat actors continuously adding new features and enhancements to expand their functionality.


News URL

https://thehackernews.com/2023/08/darkgate-malware-activity-spikes-as.html