all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Redline Stealer: A Novel Approach

Add to bookmarks
April 17, 2024, 6:20 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news



A new packed variant of the Redline Stealer trojan was observed in the wild, leveraging Lua bytecode to perform malicious behavior.


McAfee telemetry data shows this malware strain is very prevalent, covering North America, South America, Europe, and Asia and reaching Australia.


Infection Chain


 



  • GitHub is being abused to host the malware file at Microsoft’s official account in the vcpkg repository https[:]//github[.]com/microsoft/vcpkg/files/14125503/Cheat.Lab.2.7.2.zip




  • McAfee Web Advisor blocks access to this malicious download

  • Cheat.Lab.2.7.2.zip is a zip file with hash 5e37b3289054d5e774c02a6ec4915a60156d715f3a02aaceb7256cc3ebdc6610

  • The …

america asia australia bytecode data europe file github host infection infection chain in the wild lua malicious malicious behavior malware mcafee microsoft north north america novel prevalent redline redline stealer south south america stealer telemetry trojan

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Wireshark 4.2.5 Released, (Sat, May 18th) 5 hours ago | malware.news
article bugs center cve +13
The who, where, and how of APT attacks – Week in security with Tony Anscombe 16 hours ago | malware.news
apt article attacks campaigns +11
Leveling the cybersecurity playing field 21 hours ago | malware.news
article blumira cybersecurity entry +4
Hardware cybersecurity leader, Flexxon, introduces Server Defender 21 hours ago | malware.news
advanced article cybersecurity defender +8
Automated pentesting in the cloud 21 hours ago | malware.news
article automated challenge cloud +10
How to revamp your cybersecurity in the middle of the chaos 21 hours ago | malware.news
article attackers chaos cybersecurity +8
6K-plus AI models may be affected by critical RCE vulnerability 22 hours ago | malware.news
ai models article attacks critical +14
Zscaler annual phishing report finds a near 60% increase in phishing attacks in 2023 23 hours ago | malware.news
article attacks link media +6
Microsoft, North Korea, Santander, CISA, Deepfakes, Aaran Leyland & More - SWN #387 1 day, 1 hour ago | malware.news
amp article cisa deepfakes +8

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Security Operations Manager-West Coast

@ The Walt Disney Company | USA - CA - 2500 Broadway Street
View on infosec-jobs.com

Vulnerability Analyst - Remote (WFH)

@ Cognitive Medical Systems | Phoenix, AZ, US | Oak Ridge, TN, US | Austin, TX, US | Oregon, US | Austin, TX, US
View on infosec-jobs.com

Senior Mainframe Security Administrator

@ Danske Bank | Copenhagen V, Denmark
View on infosec-jobs.com