New Malware Hides Itself Among Windows Defender Exclusions to Evade Detection

CyberTech

CyberTech

Level 44
Thread author
Verified
Top Poster
Well-known
Nov 10, 2017
3,250
Content source
https://thehackernews.com/2021/07/this-new-malware-hides-itself-among.html
Cybersecurity researchers on Tuesday lifted the lid on a previously undocumented malware strain dubbed "MosaicLoader" that singles out individuals searching for cracked software as part of a global campaign.

"The attackers behind MosaicLoader created a piece of malware that can deliver any payload on the system, making it potentially profitable as a delivery service," Bitdefender researchers said in a report shared with The Hacker News. "The malware arrives on target systems by posing as cracked installers. It downloads a malware sprayer that obtains a list of URLs from the C2 server and downloads the payloads from the received links."
Click to expand...
 
  • Like
  • +Reputation
  • Applause
Reactions: brambedkar59, Nevi, ZeePriest and 19 others
Gandalf_The_Grey

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,592
It's worth pointing out that such Windows Defender exclusions can be found in the registry keys listed below:
  • File and folder exclusions - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths
  • File type exclusions - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions\Extensions
  • Process exclusions - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes
Click to expand...
 
  • Like
  • Thanks
  • Applause
Reactions: brambedkar59, Nevi, ZeePriest and 16 others
You must log in or register to reply here.

Similar threads

silversurfer
    • Like
    • +Reputation
Turla Updates Kazuar Backdoor with Advanced Anti-Analysis to Evade Detection
Replies
0
Views
525
News Archive
silversurfer
silversurfer
silversurfer
    • Like
    • +Reputation
Chinese and Russian Hackers Using SILKLOADER Malware to Evade Detection
Replies
0
Views
572
News Archive
silversurfer
silversurfer
Shadowra
    • +Reputation
    • Like
Malware News StopCrypt: Most widely distributed ransomware evolves to evade detection
Replies
3
Views
993
Security News
Victor M
Victor M

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top