Windows devices have been targeted with attacks involving the novel CoffeeLoader malware, which masquerades as Taiwanese computer hardware firm ASUS's Armoury Crate utility to covertly distribute the Rhadamanthys information-stealing malware and other malicious payloads, Cybernews reports. Aside from using the Armoury packer to execute code on devices' graphics cards and evade detection by security software, CoffeeLoader, which initially emerged in September, also ensures stealth through call stack spoofing and sleep obfuscation, with the latter potentially activated through the exploitation of Windows fibers, according to findings from Zscaler. While CoffeeLoader was found to have significant technical overlaps with the most recent iteration of the SmokeLoader malware unveiled in December, additional evidence is still needed to establish an association between the two payloads, Zscaler researchers said. "At the present time, it is too early to determine whether CoffeeLoader is the next version of SmokeLoader or whether these overlaps are a coincidence," the researchers added.
Organizations across Europe are having their Windows systems compromised with the BRICKSTORM backdoor linked to Chinese state-backed threat operation UNC5221 as part of a cyberespionage campaign that commenced three years ago, Infosecurity Magazine reports.
Novel BPFDoor backdoor component facilitates covert attacks

Attacks involving a novel controller linked to the BPFDoor malware have been launched by the Earth Bluecrow threat operation, also known as Red Menshen, DecisiveArchitect, and Red Dev 18, against the Linux systems of telecommunications, finance, and retail organizations in Hong Kong, South Korea, Malaysia, Myanmar, and Egypt last year, according to The Hacker News.
More threat actors have been leveraging the widely used open-source cross-platform runtime environment Node.js to covertly deploy malware and other malicious payloads since October, SecurityWeek reports.