Colibri Malware

Cybersecurity researchers have uncovered a loader malware named Colibri that is being sold to wannabe hackers on underground forums. The price for gaining access to Colibri is set at $150 per week or $400 for an entire month. The creators of the threat promise that the price will also include any updates that they may release in that period. 

The threat is designed to infect Windows systems and deliver next-stage payloads on them stealthily. The malware type that Colibri drops on the breached devices depends on the exact goals of the cybercriminals using it. It can fetch and run both executable, as well as DLL files. 

As we said, it is up to the threat actors to decide on how to exploit compromised machines. They can deploy ransomware threats to lock the files stored there and then extort the victims for money. Alternatively, they can deploy crypto-miners that hijack the device's hardware resources and use them to generate specific cryptocurrencies. Various keyloggers, clippers, or infostealers also can be deployed in an attempt to obtain sensitive private information. The attackers could be after the user's account credentials, banking details, payment data and credit/debit card numbers. The breached system could even be attached to a botnet and used to launch DDoS or other attack types.