An unidentified threat actor has been observed employing a “complex and powerful” malware loader with the ultimate objective of deploying cryptocurrency miners on compromised systems and potentially facilitating the theft of Discord tokens.
“The evidence found on victim networks appears to indicate that the goal of the attacker was to install cryptocurrency mining software on victim machines,” researchers from the Symantec Threat Hunter Team, part of Broadcom Software, said in a report shared with The Hacker News.
“This would appear to be a relatively low-reward goal for the attacker given the level of effort that would have been required to develop this sophisticated malware.”
This advanced piece of malware, dubbed Verblecon, is said to have been first spotted two months ago in January 2022, with the payload incorporating polymorphic qualities to evade signature-based detections by security software.
images from Hacker News