Unmasking ASMCrypt: The Stealthy Evolution of Malware Defeating AV/EDR Systems

Meet ASMCrypt: DoubleFinger’s “Evolved” Sibling in the Malware Family

Main Points

  • Threat actors are selling a new crypter and loader called ASMCrypt
  • ASMCrypt is described as an evolved version of the known malware, DoubleFinger
  • This type of malware aims to load the final payload undetected by antivirus/endpoint detection and response (AV/EDR) systems
  • An analysis of this new threat was published by Kaspersky

Making an Unwanted Entrance: ASMCrypt

Imagine your antivirus software as the nosy neighborhood watch, always critiquing your visitors. Well then, we’ve got a new ‘rebel without a cause’ strolling in, attempting to go undetected. Threat actors are selling a new crypter and loader malware called ASMCrypt. It’s the quiet kid who slips past the crowd, unnoticed. Let’s just say, in the school of malware, ASMCrypt would win the award for the most ‘under-the-radar’.

The Unpleasant Evolution: From DoubleFinger to ASMCrypt

ASMCrypt is supposedly the evolved version of DoubleFinger. So, it’s essentially the child who took notes from their naughty sibling and did things more covertly. This menacing evolution has left many in the cybersecurity world on their toes, especially as it furthers the capabilities of its malware “family tree”.

The Art of Deception: The Goal of the Malware

The not-so-noble aim of this malware is to load the final payload without getting caught by the ever-watchful antivirus or endpoint detection and response systems (AV/EDR). Makes you wonder, if ASMCrypt was a regular at the poker table, it’d surely win every round by bluffing!

The ‘Insider’ Knowledge: Kaspersky’s Analysis

This week, Kaspersky – think of them as the tech version of Sherlock Holmes – released an analysis of this ‘sly fox’ of a malware. The report highlights the threat and the sneaky ways ASMCrypt tries to get past security systems. ASMCrypt, as sophisticated as its operations may be, is not invincible, and this analysis helps us understand its workings better.

In Summary

An evolved form of the DoubleFinger malware, ASMCrypt, is being distributed by threat actors. This crypter and loader is developed to bypass detection from AV/EDR systems, causing quite a stir in the tech world. In response, Kaspersky has done a deep-dive analysis into its operation to give us a better understanding of how to combat this new threat. So, in this ongoing game of ‘cat and mouse’ between malware and security systems, let’s hope our cyber ‘watchdogs’ continually evolve faster than the threats.

Original Article: https://thehackernews.com/2023/09/cybercriminals-using-new-asmcrypt.html
