The Dell SecureWorks CTU research team has recently analyzed a piece of malware that uses digital steganography to hide part of its malicious code.
Stegoloader, as they dubbed it, is not technically new. Previous versions of the malware were spotted in 2013 and 2014, bundled with tools used to crack or generate software keys.
The researchers didn’t share how the malware’s initial deployment module arrives on victims’ computers this time around, but noted that it has not been observed being used with exploits or spearphishing, or in other targeted attacks. They also noted that it has affected multiple verticals, including healthcare, education, and manufacturing.
Stegoloader’s main purpose is to steal information from users, but it has a modular design, and the researchers themselves say that they might not yet have seen and analyzed all of its modules.
“Stegoloader’s modular design allows its operator to deploy modules as…