New Latrodectus malware attacks use Microsoft, Cloudflare themes


Latrodectus malware is now being distributed in phishing campaigns using Microsoft Azure and Cloudflare lures to appear legitimate while making it harder for email security platforms to detect the emails as malicious.

Latrodectus (aka Unidentified 111 and IceNova) is an increasingly distributed Windows malware downloader that acts as a backdoor, downloading additional EXE and DLL payloads or executing commands. It was first discovered by Walmart’s security team and later analyzed by Proofpoint and Team Cymru.

Based on the distribution and infrastructure, researchers have linked the malware to the developers of the widely distributed IcedID modular malware loader.
