Technical Analysis of Xloader’s Code Obfuscation in Version 4.3 | allinfosecnews.com

March 30, 2023, 3:30 p.m. | Javier Vicente

Security Boulevard securityboulevard.com

Key Points

Xloader is a popular information stealing malware family that is the successor to Formbook.

In early 2020, Formbook was rebranded as Xloader and the threat actors moved to a malware-as-a-service (MaaS) business model, renting C2 infrastructure to customers.

Xloader implements different obfuscation methods and several encryption layers to protect critical parts of code and data from analysis.

The developers behind this malware family continue to update the code with improved obfuscation and encryption layers with each new version …

analysis as-a-service business c2 infrastructure code critical customers data developers encryption family formbook information information stealing infrastructure january key key points maas malware malware-as-a-service obfuscation popular protect s code service stealing technical technical analysis threat threat actors update version xloader zscaler

More from securityboulevard.com / Security Boulevard

Navigating Email: From Spam Wars to Trusted Relationships 2 hours ago | securityboulevard.com

art call communication email +6

USENIX Security ’23 – Intender: Fuzzing Intent-Based Networking with Intent-State Transition Guidance 20 hours ago | securityboulevard.com

access authors channel conference +20

Disgraced, Twice Impeached, Former President Joins His Long List Of Campaign And Administration Officials And … 20 hours ago | securityboulevard.com

administration advisors campaign candidates +8

What is an IS (RBI) Audit? 1 day, 4 hours ago | securityboulevard.com

address audit banking banks +27

The Ultimate Guide to FedRAMP Marketplace Designations 1 day, 12 hours ago | securityboulevard.com

agency authentication can cloud +19

Understanding Credential Phishing 1 day, 12 hours ago | securityboulevard.com

attackers breach breaches ceo +23

Adaptive DDoS Defense’s Value in the Security Ecosystem 1 day, 13 hours ago | securityboulevard.com

adaptive ddos analytics & intelligence and response attack +24

Understanding Business Email Compromise (BEC) 1 day, 13 hours ago | securityboulevard.com

attackers attacks bec business +17

Risk vs. Threat vs. Vulnerability: What is the difference? 1 day, 14 hours ago | securityboulevard.com

ciso suite click cyber lingo cyber security risks +11

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia

View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)

View on infosec-jobs.com