Lazarus used ‘Kandykorn’ malware in attempt to compromise exchange — Elastic
Elastic has named the new malware “Kandykorn” and the loader program that loads it into memory “Sugarload,” as the loader file has a novel “. This file was obfuscated using a “binary packer,” Elastic said, allowing it to bypass most malware detection programs. The command “0xD3” can be used to list the contents of a directory on the victim’s computer, and “resp_file_down” can be used to transfer any of the victim’s files to the attacker’s computer. Elastic believes that the attack occurred in April 2023.