New IceXLoader Malware Loader Variant Infected Thousands of Victims Worldwide
Nov 09, 2022
An updated version of a malware loader codenamed IceXLoader is suspected of having compromised thousands of personal and enterprise Windows machines across the world.

IceXLoader is commodity malware sold on underground forums for $118 for a lifetime license. It's chiefly employed to download and execute additional malware on breached hosts. This past June, Fortinet FortiGuard Labs said it uncovered a version of the trojan written in the Nim programming language with the goal of evading analysis and detection.

"While the version discovered in June (v3.0) looked like a work-in-progress, we recently observed a newer v3.3.3 loader which looks to be fully functionable and includes a multi-stage delivery chain," Natalie Zargarov, cybersecurity researcher at Minerva Labs, said in a report published Tuesday.

IceXLoader is traditionally distributed through phishing campaigns, with emails containing ZIP archives functioning as a trigger to deploy...