Cybercriminals Employ PhantomLoader to Distribute SSLoad Malware

Cybercriminals Employ PhantomLoader to Distribute SSLoad Malware


The nascent malware known as SSLoad is being delivered by means of a previously undocumented loader called PhantomLoader, according to findings from cybersecurity firm Intezer.
“The loader is added to a legitimate DLL, usually EDR or AV products, by binary patching the file and employing self-modifying techniques to evade detection,” security researchers Nicole Fishbein and Ryan Robinson said in

The post “Cybercriminals Employ PhantomLoader to Distribute SSLoad Malware” appeared first on The Hacker News

Source:The Hacker News – [email protected] (The Hacker News)