Technical Analysis of Xloader’s Code Obfuscation in Version 4.3
Security Boulevard securityboulevard.com
Key Points
Xloader is a popular information-stealing malware family that is the successor to Formbook.
In early 2020, Formbook was rebranded as Xloader and the threat actors moved to a malware-as-a-service (MaaS) business model, renting C2 infrastructure to customers.
Xloader implements different obfuscation methods and several encryption layers to protect critical parts of code and data from analysis.
The developers behind this malware family continue to update the code with improved obfuscation and encryption layers with each new version …