Threat Intelligence, Malware

ViperSoftX infostealer evolves with improved obfuscation

Privacy concept: pixelated words Malware on digital background, 3d render

More sophisticated attack concealment capabilities have been integrated into the updated ViperSoftX information-stealing malware distributed via torrents for eBooks, which enables .NET Common Language Runtime exploitation for PowerShell command execution, The Register reports.

Fraudulent JPG files have also been leveraged by ViperSoftX to deploy AutoIT scripts and the AutoIT executable, along with PowerShell scripts, to deactivate Windows security features and perform other scheduled tasks, a report from Trellix revealed. Attackers behind ViperX, who initially intended the infostealer for cryptocurrency asset compromise, have also been leveraging certain security script components in the infostealer. "By leveraging these existing scripts, malware developers not only accelerate development but also focus on improving their evasion tactics, making ViperSoftX a formidable threat in the cybersecurity landscape," said Trellix security researchers Mathanraj Thangaraju and Sijo Jacob, who urged for increased awareness regarding ViperSoftX to facilitate improved security defenses against the ever-evolving information-stealing malware threat.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds