Security researchers warn of a new version of IceXLoader, a program that attackers use to install malware on affected systems. The malware download tool has been in development for quite some time and should be ready for use by now.
IceXLoader version 3 was discovered last summer by Fortinet's FortiGuard Labs. At that time, I was informed that the malware download tool was still under development. Researchers at Minerva Labs have now reported the emergence of a new, fully developed version of IceXLoader. This version includes a malicious code delivery chain.
Collecting data
IceXLoader collects metadata on affected systems, among other things. This includes IP addresses, user names, system names, Windows version, and information about hardware specifications. The malware sends this data to a command and control server, which attackers use to control IceXLoader.
The attackers are said to have already claimed thousands of victims; the researchers point to a SQLite database file that contains data from thousands of victims. The victims include both businesses and consumers.
Phishing
Attackers distribute the malware download tool to victims through phishing campaigns. They send emails with a zip file in which the dropper is hidden. The dropper installs a .NET-based downloader. This downloader then downloads a second malware dropper tool, which in turn installs IceXLoader.
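A defender-side check for the first stage described above, added here as an example (it is not code from Minerva Labs or from the original article): it inspects a zip attachment in memory and flags members that are executables by extension or by PE header, including inside nested zips. The extension list, the size and depth limits, and the sample file names are assumptions constructed for illustration.

```python
import io
import zipfile

# Illustrative, non-exhaustive list of extensions Windows runs directly (assumption).
RISKY_EXT = {".exe", ".scr", ".com", ".pif", ".js", ".vbs", ".bat", ".cmd", ".lnk", ".hta"}
MAX_DEPTH = 3             # nested-archive recursion limit
MAX_MEMBER = 32 * 2**20   # uncompressed size limit per member (zip-bomb guard)

def scan_zip(data, depth=0, prefix=""):
    """Return (member path, reason) findings for a zip attachment held in memory."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return [(prefix or "<attachment>", "not a valid zip")]
    findings = []
    with zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            path, name = prefix + info.filename, info.filename.lower()
            ext = "." + name.rsplit(".", 1)[-1] if "." in name else ""
            if ext in RISKY_EXT:
                findings.append((path, f"executable extension {ext}"))
            if info.flag_bits & 0x1:      # encrypted member: cannot look inside
                findings.append((path, "encrypted member, content not inspected"))
            elif info.file_size > MAX_MEMBER:
                findings.append((path, "member too large to inspect"))
            else:
                body = zf.read(info)
                if body[:2] == b"MZ" and ext not in RISKY_EXT:
                    findings.append((path, "PE header under non-executable name"))
                elif body[:4] == b"PK\x03\x04" and depth < MAX_DEPTH:
                    findings.extend(scan_zip(body, depth + 1, path + "!"))
    return findings

def build_sample():
    """Constructed attachment: a double-extension PE stub and a nested zip hiding another."""
    inner, outer = io.BytesIO(), io.BytesIO()
    with zipfile.ZipFile(inner, "w") as z:
        z.writestr("scan.jpg", b"MZ" + b"\x00" * 62)
    with zipfile.ZipFile(outer, "w") as z:
        z.writestr("invoice.pdf.exe", b"MZ" + b"\x00" * 62)
        z.writestr("readme.txt", b"see attached")
        z.writestr("docs/inner.zip", inner.getvalue())
    return outer.getvalue()

if __name__ == "__main__":
    for path, reason in scan_zip(build_sample()):
        print(f"{path}: {reason}")
```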