Chinese and Russian Hackers Using SILKLOADER Malware to Evade Detection

silversurfer

silversurfer

Super Moderator
Thread author
Verified
Top Poster
Staff Member
Malware Hunter
Forum Veteran
Aug 17, 2014
12,726
123,827
8,399
Content source
https://thehackernews.com/2023/03/chinese-and-russian-hackers-using.html
Threat activity clusters affiliated with the Chinese and Russian cybercriminal ecosystems have been observed using a new piece of malware that's designed to load Cobalt Strike onto infected machines.

Dubbed SILKLOADER by Finnish cybersecurity company WithSecure, the malware leverages DLL side-loading techniques to deliver the commercial adversary simulation software.

The development comes as improved detection capabilities against Cobalt Strike, a legitimate post-exploitation tool used for red team operations, is forcing threat actors to seek alternative options or concoct new ways to propagate the framework to evade detection.

"The most common of these include adding complexity to the auto-generated beacon or stager payloads via the utilization of packers, crypters, loaders, or similar techniques," WithSecure researchers said.
Click to expand...
thehackernews.com

Chinese and Russian Hackers Using SILKLOADER Malware to Evade Detection

Threat actors from Chinese and Russian cybercriminal ecosystems have been observed using a new malware designed to load Cobalt Strike.
thehackernews.com thehackernews.com
 
  • Like
  • +Reputation
Reactions: vtqhtr413, upnorth, Trident and 4 others
You must log in or register to reply here.

You may also like...