ZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking Trojan
May 01, 2024
The authors behind the resurfaced ZLoader malware have added a feature that was originally present in the Zeus banking trojan that it's based on, indicating that it's being actively developed.

"The latest version, 2.4.1.0, introduces a feature to prevent execution on machines that differ from the original infection," Zscaler ThreatLabz researcher Santiago Vicente said in a technical report. "A similar anti-analysis feature was present in the leaked Zeus 2.X source code, but implemented differently."

ZLoader, also called Terdot, DELoader, or Silent Night, emerged after a nearly two-year hiatus around September 2023 following its takedown in early 2022.

ZLoader is a modular trojan with capabilities to load next-stage payloads. Recent versions of the malware have added RSA encryption as well as updates to its domain generation algorithm (DGA).

The latest sign of ZLoader's evolution comes in...