A detailed examination of a Pay-per-install (PPI) malware service called PrivateLoader has revealed its crucial role in the delivery of a variety of malware such as SmokeLoader, RedLine Stealer, Vidar, Raccoon, and GCleaner since at least May 2021.
Loaders are malicious programs used for loading additional executables onto the infected machine. With PPI malware services such as PrivateLoader, malware operators pay the service owners to get their payloads “installed” based on the targets provided.
“The accessibility and moderate costs allow malware operators to leverage these services as another weapon for rapid, bulk and geo-targeted malware infections,” cybersecurity firm Intel 471 said in a new report shared with The Hacker News.