07 August 19, 14:52
(This post was last modified: 07 August 19, 14:53 by silversurfer.)
Quote:The authors behind LokiBot info-stealer have turned to steganography to add a new layer of obfuscation, the researchers discovered in a recent variant of the malware.
LokiBot is currently under active development, with developers adding a bundle of features over the years.
It can steal browser information from over 25 different products, check for remote administration tools (SSH, VNC, RDP), and find credentials for email and file transfer clients.
Researchers at Trend Micro discovered that new strains of LokiBot use image files to hide code needed for its unpacking routine.
Read more here: https://www.bleepingcomputer.com/news/se...g-routine/