"Astaroth Trojan Employed YouTube Channels as C&C to Evade Detection"
Cisco Talos discovered a new variant of the Astaroth Trojan family that performs evasion checks and anti-analysis routines and uses YouTube channels as its command-and-control (C&C) infrastructure. The new Astaroth attack campaign primarily targets users in Brazil to steal passwords and personal information. Another variant, detected by Cybereason in 2019, used JPEG, GIF, and extensionless files to disguise its payload and evade detection. Security professionals are encouraged to explore the use of machine learning (ML) models to defend their organizations against Astaroth and other evasive malware. This article continues to discuss the operation of the new Astaroth attack campaign, other previously detected variants of the Astaroth Trojan family, and the training of ML models and the use of relevance scoring by security professionals to defend their organizations against evasive malware.
Security Intelligence reports "Astaroth Trojan Employed YouTube Channels as C&C to Evade Detection"