"New Rugmi Malware Loader Surges with Hundreds of Daily Detections"

Threat actors are using a new malware loader, tracked under the name Win/TrojanDownloader.Rugmi, to deliver various information stealers such as Lumma Stealer, Vidar, RecordBreaker, and Rescoms. According to researchers at ESET, this malware is a loader composed of a downloader that downloads an encrypted payload, a loader that executes the payload from internal resources, and another loader that runs the payload from an external file on the disk. The company's telemetry data shows that detections for the Rugmi loader increased significantly in October and November 2023. This article continues to discuss key findings regarding the new Rugmi malware loader.

THN reports "New Rugmi Malware Loader Surges with Hundreds of Daily Detections"

Submitted by grigby1

Submitted by Gregory Rigby on