LodaRAT Update: Alive and Well

From blog.talosintelligence.com

  • During our continuous monitoring of LodaRAT, Cisco Talos observed changes in the threat that add new functionality.
  • Multiple new versions of LodaRAT have been observed in use in the wild.
  • These new versions of LodaRAT abandoned their previous obfuscation techniques.
  • Direct interaction with the threat actor was observed during analysis, indicating the actor is actively monitoring infected hosts.

