"Typhon Info-Stealing Malware Devs Upgrade Evasion Capabilities"

The creators of the Typhon information-stealing malware claimed on a dark web forum that they had updated the malware to a new version, which they now market as "Typhon Reborn V2." They revealed improvements intended to prevent analysis via anti-virtualization methods. Malware analysts found the original Typhon in August 2022. At the time, Cyble Research Labs discovered that the malware bundled the main stealer component with a clipper, a keylogger, and a cryptocurrency miner. Although the initial version of Typhon was sold over Telegram for a one-time payment of $50, its creators also offered to distribute it for about $100 per 1,000 victims. Since January, the new version has been advertised on the dark web and purchased several times, according to Cisco Talos analysts. However, the researchers found samples of the new variant in the wild that dated back to December 2022. According to Cisco Talos, the Typhon V2 codebase has been updated to make the malicious code more robust, reliable, and stable. This article continues to discuss researchers' findings and observations regarding the new version of Typhon information-stealing malware. 

Bleeping Computer reports "Typhon Info-Stealing Malware Devs Upgrade Evasion Capabilities"