cognitive cybersecurity intelligence

New Malware Loaders Use Call Stack Spoofing, GitHub C2, and .NET Reactor for Stealth

An updated version of a malware loader known as Hijack Loader has been discovered with new features aimed at evading detection and maintaining persistence. The information-stealing malware uses call stack spoofing to hide the origin of function calls and performs anti-VM checks to detect malware analysis environments. The cybersecurity community is tracking Hijack Loader's evolution; it had previously used legitimate code-signing certificates and the now-infamous ClickFix strategy for distribution.

Source: thehackernews.com
