New XLoader Botnet Version Using Probability Theory to Hide its C&C Servers
Jun 01, 2022
An enhanced version of the XLoader malware has been spotted adopting a probability-based approach to camouflage its command-and-control (C&C) infrastructure, according to the latest research.

"Now it is significantly harder to separate the wheat from the chaff and discover the real C&C servers among thousands of legitimate domains used by Xloader as a smokescreen," Israeli cybersecurity company Check Point said.

First spotted in the wild in October 2020, XLoader is a successor to Formbook and a cross-platform information stealer that's capable of plundering credentials from web browsers, capturing keystrokes and screenshots, and executing arbitrary commands and payloads.

More recently, the ongoing geopolitical conflict between Russia and Ukraine has proved to be a lucrative fodder for distributing XLoader by means of phishing emails aimed at high-ranking government officials in Ukraine.

The latest findings from Check Point build on a previous repor