"LODEINFO Fileless Malware Evolves with Anti-Analysis and Remote Code Tricks"

Researchers have discovered an updated version of the LODEINFO backdoor, which is distributed via spear-phishing attacks. According to researchers at ITOCHU Cyber & Intelligence, the malware now has new features and changes to its anti-analysis techniques. Versions 0.6.6 and 0.6.7 of LODEINFO were first documented in November 2022, in findings that detailed the backdoor's capabilities to execute arbitrary shellcode, take screenshots, and send files to an actor-controlled server. LODEINFO has been deployed in attacks on Japanese political establishments. This article continues to discuss findings regarding the LODEINFO backdoor.

THN reports "LODEINFO Fileless Malware Evolves with Anti-Analysis and Remote Code Tricks"

Submitted by grigby1
