Elegant sLoad Carries Out Spying, Payload Delivery in BITS

From threatpost.com


The BITS file-transfer component of Windows is a key piece of sLoad’s attack methodology.

A fresh analysis of the trojan sLoad sheds light on the growing trend of advanced malware “living off the land” of a targeted system, successfully evading detection while carrying out malicious activities.

sLoad is a PowerShell downloader known for its impressive reconnaissance tactics and targeting efforts. But what makes it unique to researchers is its almost exclusive use of a legitimate Windows file transfer utility for data exfiltration, payload fetching and command-and-control (C2) communications.

