BATLOADER Malware

According to an analysis by cybersecurity experts, attackers use the BATLOADER malware in the initial compromise phase of the infection chain. The threat is designed to be delivered at the very start of the attack and is then tasked with fetching, deploying, and executing more powerful next-stage payloads.

The BATLOADER malware is spread via software bundles hosted on dubious or compromised websites. To reassure their victims and avoid raising any suspicion, the attackers package their threatening tool alongside legitimate and often-used products such as Zoom or TeamViewer.

Once it has established its foothold on the targeted computer, BATLOADER delivers a subsequent malware threat that depends on the goals of the cybercriminals. Among the threats dropped by BATLOADER is the Ursnif Trojan (also tracked as Gozi, Dreambot, and ISFB), which is equipped with multiple spyware routines. It can capture keystrokes, extract account credentials, spy on the user's Web activity, and more.

BATLOADER can also deliver Cobalt Strike beacons, giving the attackers backdoor access to the compromised machine. The legitimate Atera software, which offers remote monitoring and management services, is also exploited by the BATLOADER malware.
