Threat Spotlight: Astaroth — Maze of obfuscation and evasion reveals dark stealer


  • Cisco Talos is detailing an information stealer, Astaroth, that has been targeting Brazil for the past nine to 12 months with a variety of lures, including COVID-19.
  • The complex maze of obfuscation and anti-analysis/evasion techniques implemented by Astaroth inhibits both detection and analysis of the malware family.
  • Astaroth makes creative use of YouTube channel descriptions for encoded and encrypted command and control (C2) communications.
