Watch Out for 'Latrodectus' - This Malware Could Be In Your Inbox
Apr 08, 2024
Cybercrime / Network Security
Threat hunters have discovered a new malware called Latrodectus that has been distributed as part of email phishing campaigns since at least late November 2023. "Latrodectus is an up-and-coming downloader with various sandbox evasion functionality," researchers from Proofpoint and Team Cymru said in a joint analysis published last week, adding it's designed to retrieve payloads and execute arbitrary commands. There is evidence to suggest that the downloader is likely written by the same threat actors behind the IcedID malware , with the downloader put to use by initial access brokers (IABs) to facilitate the deployment of other malware. Latrodectus has been primarily linked to two different IABs tracked by Proofpoint under the names TA577 (aka Water Curupira) and TA578, the former of which has also been linked to the distribution of QakBot and PikaBot. As of mid-January 2024, it's been employed almost exclusively by TA578 in email threat ca...
