
These three malware strains are infecting internet users, here’s how

Three distinct strains of malware are employing sophisticated tactics to ensnare internet users. According to a report from cybersecurity firm Kaspersky, these strains, namely DarkGate, Emotet, and LokiBot, are utilizing intricate methods to steal valuable user data. Kaspersky’s report sheds light on how the evolving cybersecurity landscape is being impacted by DarkGate’s unique encryption capabilities, Emotet’s powerful resurgence, and LokiBot’s exploitative behavior.

The DarkGate Malware Strain
In June 2023, Kaspersky researchers came across a new loader called DarkGate whose features go beyond the typical functionality of a downloader. Notable capabilities of this loader include hidden VNC, adding exclusions to Windows Defender, browser history theft, reverse proxy usage, file management, and Discord token theft.

DarkGate operates through a four-stage chain that ends with the loading of the malware itself. The loader encrypts its strings with per-string keys and uses a custom variant of Base64 encoding built on a non-standard character set.
The Emotet Malware Strain
Emotet is a botnet that has resurfaced after being taken down in 2021. The report indicates that this malware’s activities have recently been recorded.

In the latest campaign, users unknowingly trigger the execution of a hidden, disguised VBScript by opening malicious OneNote files. The script then attempts to download the payload from a series of websites until one download succeeds.
Once inside, Emotet plants a DLL in the temporary directory and executes it. This DLL contains hidden instructions, or shellcode, along with encrypted import functions. By decrypting a specific file from its resource section, Emotet obtains and ultimately executes its malicious payload.
The LokiBot Malware Strain
Kaspersky has also discovered a phishing campaign delivering LokiBot that targeted cargo ship companies. LokiBot is an info stealer first identified in 2016, designed to acquire credentials from various applications, including browsers and FTP clients.
These emails carried an Excel document attachment that prompted users to enable macros. The attackers exploited a known vulnerability in Microsoft Office (CVE-2017-0199) to download an RTF document. This RTF document then exploited another vulnerability (CVE-2017-11882) to deliver and execute the LokiBot malware.

Denial of responsibility! TechCodex is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, and all materials to their authors. For any complaint, please reach us at – [email protected]. We will take necessary action within 24 hours.