
NullMixer Malware

Cybercriminals use the NullMixer Malware in the early phases of their attack operations. The threat is designed specifically to be deployed during the initial infection step and to act as a dropper: it fetches and executes the payloads of other harmful threats. So far, cybersecurity experts have observed NullMixer delivering a wide range of malware, from spyware to banking Trojans and backdoors. Specific threats include Legion Loader, Vidar Stealer, RedLine Stealer, Raccoon Stealer, Socelars and many others.

The NullMixer Malware is predominantly spread via sites offering cracked or illegally activated versions of paid software products. Typically, users search for a specific application and are taken to the dubious website. They may then be redirected to a different page, where a password-protected archive is available for download. Instead of the expected contents, the archive deploys the NullMixer threat.

Users must be extremely careful when dealing with files obtained from unverified sources, especially when they are presented as cracked applications. The consequences of the infection will depend on the specific goals of the attackers and the final payload delivered via NullMixer.
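Because the delivery vehicle described above is a password-protected archive, a downloaded ZIP can be triaged before anyone enters the password. The following is an added example, not part of the original write-up: the function names, the extension list and the sample archive are assumptions constructed for illustration. It reads only the ZIP central directory, where entry names and the encryption flag remain visible under traditional ZIP encryption.

```python
import io
import struct
import zipfile

ENCRYPTED_FLAG = 0x1  # bit 0 of the ZIP general-purpose flag: entry is encrypted
# Assumed list of directly executable extensions; tune for your environment.
EXECUTABLE_SUFFIXES = (".exe", ".scr", ".msi", ".bat", ".cmd", ".js", ".vbs")


def triage_zip(data: bytes) -> dict:
    """Summarise a ZIP from its central directory; nothing is extracted."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        entries = zf.infolist()
    encrypted = [e.filename for e in entries if e.flag_bits & ENCRYPTED_FLAG]
    executables = [e.filename for e in entries
                   if e.filename.lower().endswith(EXECUTABLE_SUFFIXES)]
    return {
        "encrypted": encrypted,
        "executables": executables,
        # An encrypted entry that is also an executable deserves a closer look.
        "suspicious": any(name in executables for name in encrypted),
    }


def build_sample(encrypted: bool) -> bytes:
    """Constructed sample archive with harmless placeholder contents."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(zipfile.ZipInfo("setup.exe"), b"constructed placeholder")
        zf.writestr(zipfile.ZipInfo("readme.txt"), b"constructed placeholder")
    raw = bytearray(buf.getvalue())
    if encrypted:
        # Python's zipfile cannot write encrypted entries, so mark the first
        # central-directory record (setup.exe) as encrypted by setting bit 0
        # of its flag field, 8 bytes after the PK\x01\x02 signature.
        pos = raw.find(b"PK\x01\x02")
        (flags,) = struct.unpack_from("<H", raw, pos + 8)
        struct.pack_into("<H", raw, pos + 8, flags | ENCRYPTED_FLAG)
    return bytes(raw)


if __name__ == "__main__":
    for label, sample in (("protected", build_sample(True)),
                          ("plain", build_sample(False))):
        print(label, triage_zip(sample))
```

A hit is a reason to inspect the file in an isolated environment, not a verdict: legitimate software is also shipped in encrypted archives.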

