"HijackLoader Evolves: Researchers Decode the Latest Evasion Methods"

The threat actors behind HijackLoader, a loader malware, have added new defense evasion techniques, as other malicious actors increasingly use the malware to deliver additional payloads and tools. CrowdStrike researchers reported that the malware developer used a standard process hollowing technique in conjunction with an additional trigger activated by the parent process writing to a pipe, making defense evasion more stealthy. HijackLoader was first identified by Zscaler ThreatLabz in September 2023 as a conduit for delivering DanaBot, SystemBC, and RedLine Stealer. It is also known to have a high degree of similarity to another loader known as the IDAT Loader. Both loaders are believed to be operated by the same cybercrime group. This article continues to discuss findings regarding HijackLoader. 

THN reports "HijackLoader Evolves: Researchers Decode the Latest Evasion Methods"

Submitted by grigby1

Submitted by Gregory Rigby on