silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,174
Read more below:The authors behind LokiBot info-stealer have turned to steganography to add a new layer of obfuscation, the researchers discovered in a recent variant of the malware.
LokiBot is currently under active development, with developers adding a bundle of features over the years. It can steal browser information from over 25 different products, check for remote administration tools (SSH, VNC, RDP), and find credentials for email and file transfer clients.
Researchers at Trend Micro discovered that new strains of LokiBot use image files to hide code needed for its unpacking routine.
Lokibot Uses Image Files to Hide Code for Unpacking Routine
The authors behind LokiBot info-stealer have turned to steganography to add a new layer of obfuscation, the researchers discovered in a recent variant of the malware.
www.bleepingcomputer.com
LokiBot Gains New Persistence Mechanism, Steganography
LokiBot has added various capabilities over the years. Our analysis of a new LokiBot variant shows its updated persistence mechanism and its use of steganography to hide its code.
blog.trendmicro.com