Reloaded: BLISTER Malware Loader Facilitates Precise Targeting
- An updated version of the malware loader known as BLISTER is now being used in SocGholish infection chains to distribute an open-source command-and-control (C2) framework called Mythic.
- The latest BLISTER update adds a keying feature that enables precise targeting of specific victim networks, thereby reducing exposure within VM or sandbox environments, according to Elastic Security Labs researchers Salim Bitam and Daniel.
A Blistering Update to Malware
Looks like BLISTER, a malware loader, is back with a bang! No, it’s not releasing a mixtape, but it’s making waves in the cyberworld as part of SocGholish infection chains. Instead of taking a vacation, it’s hard at work distributing an open-source command-and-control (C2) framework better known by its stage name, Mythic.
Target Acquired, Reduction Imminent
Like a well-practiced marksman, the latest update of BLISTER comes with a feature that lets it precisely target its victims. Kind of like ordering a pizza online, but instead of picking toppings you get to pick networks. This keying function consequently reduces its exposure within VM or sandbox environments, says Elastic Security Labs’ very own dynamic duo, Salim Bitam and Daniel. It’s like Harry Potter’s invisibility cloak, except it’s for cyber malice and not escaping from Hogwarts at night.
To sum up, the once-simple BLISTER malware loader has come of age with its updated version. It’s now part of the SocGholish infection chains and is responsible for spreading an open-source command-and-control framework named Mythic. In a more “target infliction” sort of vibe, the updated BLISTER now has a keying feature enabling accurate targeting of victim networks. Plus, it keeps itself quite stealthy in VM or sandbox environments thanks to the same feature. It’s safe to say that in the great game of cyberattacks, BLISTER has gone from being a pawn to a player.