GBHackers News reports that updates to the ViperSoftX information-stealing malware have bolstered its modularity, covertness, and persistence.
Aside from featuring a complex execution flow and a GUID-based mutex identifier, compared with the older iteration's static mutex, the latest ViperSoftX malware version has also adopted HttpClient and base64-encoded command-and-control communications to better bypass network detection systems, according to findings from K7 Security Labs. ViperSoftX's latest version has also been integrated with a three-layered persistence approach consisting of a scheduled task, an HKCU registry run key, and a concealed batch file within the startup folder, which ensures post-reboot survival of the malware. Operators have also allowed ViperSoftX to target numerous cryptocurrency wallets, browser extensions, and KeePass configurations, indicating a significantly expanded mission over the basic data pilfering focus of last year's version, said K7 Security Labs researchers, who also observed the updated malware's beefed up infrastructure synchronization capabilities.
Aside from featuring a complex execution flow and a GUID-based mutex identifier, compared with the older iteration's static mutex, the latest ViperSoftX malware version has also adopted HttpClient and base64-encoded command-and-control communications to better bypass network detection systems, according to findings from K7 Security Labs. ViperSoftX's latest version has also been integrated with a three-layered persistence approach consisting of a scheduled task, an HKCU registry run key, and a concealed batch file within the startup folder, which ensures post-reboot survival of the malware. Operators have also allowed ViperSoftX to target numerous cryptocurrency wallets, browser extensions, and KeePass configurations, indicating a significantly expanded mission over the basic data pilfering focus of last year's version, said K7 Security Labs researchers, who also observed the updated malware's beefed up infrastructure synchronization capabilities.
