The AbSent Loader is an educational project posted on GitHub. Its goal is to help cybersecurity researchers study this threat up close and learn how to combat it. However, like most malware created with good intentions, the AbSent Loader was quickly hijacked and weaponized by cyber crooks. Because its code is freely available online, any individual with ill intentions can misappropriate it. It would appear that cybercriminals have already taken this opportunity, as the AbSent Loader has recently been spotted as the first payload in several hacking campaigns.
The AbSent Loader is not an overly complex threat, and it does not possess a long list of capabilities. However, it is fully capable of carrying out successful attacks. When the AbSent Loader compromises a targeted system, it first makes sure to gain persistence on the host. Next, it connects to the C&C (Command & Control) server of its operators. The AbSent Loader collects some data regarding the software and hardware of the compromised host and transfers it to the C&C server. This data helps the attackers figure out what secondary payload to deploy. The AbSent Loader works silently in the background and checks in with the C&C server regularly to determine whether there are any new tasks for it to carry out.
The AbSent Loader not only allows the attackers to inject a secondary payload, it can also be used as a carrier of the payload itself. This means that the AbSent Loader is capable of planting additional malware on the infected system without establishing a connection with the C&C server.
The AbSent Loader is a potent threat that cyber crooks can easily weaponize. This malware can be used to deliver various threats – data-locking Trojans, RATs (Remote Access Trojans), backdoors, infostealers, etc. If you want to guard your machine from threats like the AbSent Loader, it is recommended to invest in a trustworthy anti-virus software suite.
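The regular check-ins with the C&C server described above leave a timing pattern that defenders can look for in proxy or DNS logs. The following is an added example, not code from the AbSent Loader project or from this article's author: it flags host and destination pairs whose requests arrive at nearly constant intervals. The log format, host names, domains and thresholds are all assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed proxy log: "<timestamp> <internal host> <destination>".
# Host names and domains are made up for this example, not real indicators.
SAMPLE_LOG = """\
2024-01-01T10:00:00 ws-17 panel.example.test
2024-01-01T10:01:10 ws-17 news.example.test
2024-01-01T10:01:40 ws-17 news.example.test
2024-01-01T10:05:01 ws-17 panel.example.test
2024-01-01T10:07:00 ws-17 news.example.test
2024-01-01T10:09:59 ws-17 panel.example.test
2024-01-01T10:15:00 ws-17 panel.example.test
2024-01-01T10:20:02 ws-17 panel.example.test
2024-01-01T10:25:00 ws-17 panel.example.test
2024-01-01T10:30:00 ws-17 news.example.test
2024-01-01T10:31:00 ws-17 news.example.test
2024-01-01T10:40:00 ws-22 panel.example.test
2024-01-01T11:10:00 ws-22 panel.example.test
"""

def group_requests(log):
    """Collect request timestamps per (host, destination) pair."""
    seen = defaultdict(list)
    for line in log.splitlines():
        if line.strip():
            ts, host, dest = line.split()
            seen[(host, dest)].append(datetime.fromisoformat(ts))
    return seen

def find_beacons(log, min_events=5, max_jitter=0.1):
    """Return (host, destination, mean gap in seconds) for pairs whose
    gaps between requests are nearly constant. Jitter is stddev/mean of
    the gaps; both thresholds are assumed starting values to tune."""
    hits = []
    for (host, dest), stamps in group_requests(log).items():
        if len(stamps) < min_events:
            continue  # too few requests to judge regularity
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg <= max_jitter:
            hits.append((host, dest, round(avg)))
    return sorted(hits)

if __name__ == "__main__":
    for host, dest, gap in find_beacons(SAMPLE_LOG):
        print(f"{host} -> {dest}: request every ~{gap}s")
```

Legitimate software such as update checkers also polls on a fixed schedule, so hits need triage against known-good destinations. A loader that carries its payload itself, as described above, produces no such traffic and has to be caught on the host instead.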