LevelBlue Labs Discovers Highly Evasive, New Loader Targeting Chinese Organizations | allinfosecnews.com

June 19, 2024, 12:05 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Executive Summary

LevelBlue Labs recently discovered a new highly evasive loader that is being delivered to specific targets through phishing attachments. A loader is a type of malware used to load second-stage payload malware onto a victim’s system. Due to the lack of previous samples observed in the wild, LevelBlue Labs has named this malware “SquidLoader,” given its clear efforts at decoy and evasion. After analysis of the sample LevelBlue Labs retrieved, we uncovered several techniques SquidLoader is using to …

attachments chinese evasive executive in the wild labs levelblue loader malware organizations payload phishing stage system targeting victim

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Malware development trick 42: Stealing data via legit Discord Bot API. Simple C example 6 hours ago | malware.news

api application bot concept +25

Velvet Ant’s Strategic Targeting: A Long-Term Cyber Espionage Campaign Against F5 BIG-IP Systems 6 hours ago | malware.news

advanced advanced persistent threat adversary ant +21

Affirm says Evolve Bank data breach also compromised some of its customers 7 hours ago | malware.news

8-k affirm amp attack +24

Give a lead to save a child 8 hours ago | malware.news

abuse camera child child sexual abuse +13

365 Total Backup Changes July 2024 8 hours ago | malware.news

article backup backups change +11

Deep Dive into Blockchain Security: Vulnerabilities and Protective Measures 8 hours ago | malware.news

applications article author blockchain +12

Google Summer Of Code 2024 In Stratosphere. Blog for the first month of Sekhar Kumar … 10 hours ago | malware.news

article blog code dash +6

Release notes: Mutexes in TI Lookup, new YARA rules, extractors, and more 11 hours ago | malware.news

any.run capabilities config detection +15

Vulnerabilities in PanelView Plus devices could lead to remote code execution 19 hours ago | malware.news

attackers automation can code +17

Information Assurance Engineer

@ Leidos | 6314 Remote/Teleworker US

View on infosec-jobs.com

SQL Database Admin - INT

@ General Dynamics Information Technology | USA AZ Fort Huachuca - 2133 Cushing St, Bldg 61801 (AZC012)

View on infosec-jobs.com

Network Engineer - Lead

@ QBE LLC | Arlington, VA, US

View on infosec-jobs.com

Cloud Managed Services Engineer

@ Versa Networks | Switzerland

View on infosec-jobs.com

Software Engineer - Microsoft Entra ID

@ BT Group | Snowhill, Birmingham, United Kingdom

View on infosec-jobs.com

Security Cloud Solution Architecture Manager

@ Microsoft | Issy Les Moulineaux, Hauts-de-Seine, France

View on infosec-jobs.com