"DarkGate Malware Activity Spikes as Developer Rents Out Malware to Affiliates"

A new malspam campaign has been observed deploying DarkGate, an off-the-shelf malware. According to Telekom Security, the current increase in DarkGate activity is likely due to the malware's developer having recently begun renting it out to a limited number of affiliates. The most recent report expands on the findings of security researcher Igal Lytzki, who described a "high volume campaign" that uses hijacked email threads to trick recipients into downloading malware. DarkGate, which is mainly sold on underground forums by an actor named RastaFarEye, includes the ability to evade detection by security software, set up persistence using Windows Registry changes, escalate privileges, and steal data from web browsers and other applications such as Discord and FileZilla. This article continues to discuss the DarkGate malspam campaign.

THN reports "DarkGate Malware Activity Spikes as Developer Rents Out Malware to Affiliates"
