
"DeepLoad's design is explicitly focused on actively facilitating real-time cryptocurrency theft, which almost certainly makes it an attractive malware suite in the cybercrime-as-a-service (CaaS) environment."
"The loader also wipes its own tracks by disabling PowerShell command history and calling Windows core functions directly instead of relying on PowerShell's built-in commands, quietly sidestepping the most common monitoring hooks."
DeepLoad is a newly discovered malware family that first appeared on a dark web forum in February. It is built to steal credentials and to facilitate real-time cryptocurrency theft. It is distributed through the ClickFix technique: victims are shown a fake browser error message that instructs them to run a command, and that command installs DeepLoad. The loader then generates a secondary component that evades detection by using unique file names and by disabling PowerShell command history, and it injects into legitimate processes so that its activity blends in with normal Windows behaviour.
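The two evasion behaviours described above, disabling PowerShell command history and calling Windows functions directly rather than through cmdlets, both leave traces in PowerShell script-block logging (Event ID 4104), which records the script text even when the interactive history file is suppressed. The following detector is an added example, not code from the article or from the DeepLoad authors. It assumes the common ways of achieving these behaviours (PSReadLine's `Set-PSReadLineOption -HistorySaveStyle SaveNothing` or tampering with `HistorySavePath`, and P/Invoke declarations via `Add-Type` / `[DllImport]`); the article does not state which specific mechanism DeepLoad uses, so the indicators are assumptions about the technique, not signatures for this family. The sample script blocks are constructed for the example.

```python
import re

# Constructed sample script-block texts (Event ID 4104 style). These are
# illustrative inputs, not logs from a real DeepLoad infection.
SAMPLE_SCRIPT_BLOCKS = [
    "Get-ChildItem C:\\Users | Select-Object Name",
    "Set-PSReadLineOption -HistorySaveStyle SaveNothing; $stage = 'x'",
    "Add-Type -TypeDefinition 'using System.Runtime.InteropServices; "
    "public class K32 { [DllImport(\"kernel32.dll\")] public static extern "
    "IntPtr VirtualAlloc(IntPtr a, uint s, uint t, uint p); }'",
    "Remove-Item (Get-PSReadLineOption).HistorySavePath -Force",
    "Write-Host 'hello'",
]

# Assumed indicators for the techniques the article describes. Each regex is a
# generic behavioural check, not a DeepLoad-specific signature.
INDICATORS = {
    # History disabled through PSReadLine (assumed mechanism).
    "psreadline_history_disabled": re.compile(
        r"Set-PSReadLineOption\b.*-HistorySaveStyle\s+SaveNothing", re.I | re.S),
    # History file located or removed via its PSReadLine path.
    "psreadline_history_path_touched": re.compile(r"\bHistorySavePath\b", re.I),
    # Direct Win32 API access via P/Invoke against core system DLLs.
    "pinvoke_core_dll": re.compile(
        r"\[DllImport\(\s*[\"'](kernel32|ntdll|advapi32|user32)\.dll[\"']", re.I),
    # Add-Type compiling a native extern declaration at runtime.
    "add_type_native_extern": re.compile(r"Add-Type\b.*\bextern\b", re.I | re.S),
}


def scan_script_block(text):
    """Return the sorted list of indicator names that match one script block."""
    return sorted(name for name, rx in INDICATORS.items() if rx.search(text))


def scan_blocks(blocks):
    """Map block index -> matched indicators, omitting blocks with no match."""
    hits = {}
    for idx, block in enumerate(blocks):
        matched = scan_script_block(block)
        if matched:
            hits[idx] = matched
    return hits


def suspicious_indices(blocks):
    """Indices of blocks that show both history suppression and direct API use,
    i.e. the combination the article attributes to the loader."""
    history = {"psreadline_history_disabled", "psreadline_history_path_touched"}
    native = {"pinvoke_core_dll", "add_type_native_extern"}
    hits = scan_blocks(blocks)
    seen_history = any(set(m) & history for m in hits.values())
    seen_native = any(set(m) & native for m in hits.values())
    return sorted(hits) if (seen_history and seen_native) else []


if __name__ == "__main__":
    for idx, matched in scan_blocks(SAMPLE_SCRIPT_BLOCKS).items():
        print(f"block {idx}: {', '.join(matched)}")
    print("correlated hits:", suspicious_indices(SAMPLE_SCRIPT_BLOCKS))
```

In production the input would be the `ScriptBlockText` field of 4104 events pulled from the Microsoft-Windows-PowerShell/Operational log; the correlation in `suspicious_indices` is deliberately coarse (any history-suppression hit plus any P/Invoke hit across the batch) and should be scoped to one process or session before it is used for alerting.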
Read at SecurityWeek