Lokibot Uses Image Files to Hide Code for Unpacking Routine

silversurfer

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,174
Content source
https://www.bleepingcomputer.com/news/security/lokibot-uses-image-files-to-hide-code-for-unpacking-routine/
The authors behind LokiBot info-stealer have turned to steganography to add a new layer of obfuscation, the researchers discovered in a recent variant of the malware.

LokiBot is currently under active development, with developers adding a bundle of features over the years. It can steal browser information from over 25 different products, check for remote administration tools (SSH, VNC, RDP), and find credentials for email and file transfer clients.

Researchers at Trend Micro discovered that new strains of LokiBot use image files to hide code needed for its unpacking routine.
Click to expand...
Read more below:
www.bleepingcomputer.com

Lokibot Uses Image Files to Hide Code for Unpacking Routine

The authors behind LokiBot info-stealer have turned to steganography to add a new layer of obfuscation, the researchers discovered in a recent variant of the malware.
www.bleepingcomputer.com www.bleepingcomputer.com
blog.trendmicro.com

LokiBot Gains New Persistence Mechanism, Steganography

LokiBot has added various capabilities over the years. Our analysis of a new LokiBot variant shows its updated persistence mechanism and its use of steganography to hide its code.
blog.trendmicro.com blog.trendmicro.com
 
  • Like
  • +Reputation
Reactions: stefanos, Mahesh Sudula, Andrew3000 and 6 others
You must log in or register to reply here.

Similar threads

silversurfer
    • Like
    • +Reputation
    • Wow
Fruity Trojan Uses Deceptive Software Installers to Spread Remcos RAT
Replies
4
Views
1,301
News Archive
Xeno1234
Xeno1234
CyberTech
    • Like
    • +Reputation
Security News LogoFAIL bugs in UEFI code allow planting bootkits via images
Replies
2
Views
1,831
Security News
Andy Ful
Andy Ful
silversurfer
    • Like
China-Linked Actor Taps Linux Backdoor in Forceful Espionage Campaign
Replies
0
Views
1,183
News Archive
silversurfer
silversurfer

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top