"🐰 BunnyLoader Unleashed: The Newest Kid on the Malware Block 🐰"
In a recent discovery, Zscaler ThreatLabz stumbled upon a new Malware-as-a-Service (MaaS) threat named "BunnyLoader" being peddled on various forums. This nefarious service offers a plethora of malicious functionalities including downloading and executing a second-stage payload, pilfering browser credentials and system information, keylogging, and even cryptocurrency theft through clipboard manipulation. 🕵️♀️💻
The malware, written in C/C++, is sold for a lifetime price of $250 and is under rapid development with multiple feature updates and bug fixes. It employs various anti-sandbox techniques during its attack sequence to evade detection and has a fileless loader feature which executes further malware stages in memory. BunnyLoader's C2 panel allows the threat actor to control infected machines remotely, showcasing a list of various tasks including keylogging, credential theft, and remote command execution among others. 🛑🔐
The detailed technical analysis reveals how BunnyLoader maintains persistence, performs anti-VM techniques, registers with the C2 server, and executes its core malicious tasks. The malware also harbors a clipper module to replace cryptocurrency addresses in a victim's clipboard with addresses controlled by the threat actor, targeting multiple cryptocurrencies like Bitcoin, Ethereum, and Monero. 🪙💸
The article is a comprehensive dive into the technical intricacies of BunnyLoader, shedding light on its modus operandi and the potential threat it poses to individuals and organizations alike. 🧐🔍
Source: Zscaler ThreatLabz
Tags: #BunnyLoader #MalwareAsAService #CyberSecurity #ThreatAnalysis #Malware #CryptocurrencyTheft #Zscaler #ThreatLabz #InfoSec
Authors: NIRAJ SHIVTARKAR, SATYAM SINGH
OTX Bot
gtbarry
ADMIN magazine
KrebsOnSecurity RSS
ITSEC News
🛡 
