The SharpLoader is an eight-year-old project designed to load and uncompress a C# payload from a remote web server or local file for execution. Its Powershell script version has managed to remain largely undetected by antiviruses. The scripts use a widespread method to bypass Anti-Malware Scan Interface (AMSI) and downloads and executes additional payloads, including a Base64-encoded payload containing an executable loader.
Crypto-stealing malware found in Android, iOS app-making kits: Kaspersky
Kaspersky Labs reports that a software development kit for Google and Apple phone apps contains malware that can scan images for crypto wallet recovery phrases.
