Unraveling WikiLoader: The New Malware Strain Targeting Italian Organizations


A “Phishy” Situation in Italy

– A new phishing campaign is targeting organizations in Italy.
– The campaign deploys a new strain of malware: WikiLoader.
– The ultimate goal is to install Ursnif (also known as Gozi), a banking trojan, stealer, and spyware.
– WikiLoader is a highly sophisticated downloader whose purpose is to install a second malware payload.
– To avoid detection and bolster effectiveness, the malware employs multiple mechanisms.

Italian “Spaghetti” Phishing

Not all is sunny in Italy: a new phishing campaign has surfaced, and organizations in the nation are directly in its crosshairs. We’re not discussing marinara sauce being the wrong color here; rather, it’s a tad “phishier”. This Trojan “horse” (or should we say, “Pasta Donkey”) does not come bearing gifts but a brutish new strain of malware named WikiLoader.

WikiLoader – The Dish On The Menu

This dish (so to speak) has a singular mission: to serve up a nasty surprise by installing a dangerous software triplet – a banking trojan, a stealer and spyware, all charmingly named Ursnif, or Gozi if you prefer. Far from being an appetizer, this trio tends to spoil the entire meal.

The Perfect “Pasta” Recipe

WikiLoader is no al dente noodle. According to a detailed report by digital security firm Proofpoint, it’s a meticulously crafted main course designed to install a second malware payload. To put it simply, it is the equivalent of finding a cockroach in your carbonara.

Loaded With Goodies

To ensure maximum discomfort, this malware is equipped with a variety of tricks to dodge detection. With multiple evasion mechanisms, it leaves no stone unturned in trying to infiltrate its targets. Unlike a helpful Italian waiter, this one is trained to keep you from noticing its antics until it’s too late.

Summary

In summary, organizations in Italy are being targeted by a new phishing campaign that employs a new strain of malware known as WikiLoader. Its ulterior motive is to deploy a despicable triad of malicious software: Ursnif (aka Gozi), which includes a banking trojan, stealer, and spyware. This highly sophisticated downloader is designed to install a second malware payload and uses multiple mechanisms to remain undetected. Like an unwanted dish at an Italian feast, WikiLoader is proving to be a serious inconvenience for its unsuspecting hosts.

Original Article: https://thehackernews.com/2023/08/cybercriminals-renting-wikiloader-to.html

