
🚨Pay to play PrivateLoader spreads Smokeloader, Redline, Vidar malware🚨

  • 9 February 2022
  • Community Manager

PrivateLoader is a modular downloader written in C++ and connected to an unidentified pay-per-install (PPI) service. PrivateLoader sits at the front of this operation and communicates with its back-end infrastructure to retrieve URLs for the malicious payloads to "install" on the infected host. As is the case with downloaders tied to PPI services, PrivateLoader reports a variety of statistics, such as which payloads were downloaded and launched successfully. Distribution campaigns generally rely on a network of search engine optimization (SEO) enhanced websites that lure unsuspecting victims searching for "warez" (pirated software) into downloading and executing malware. Victims typically receive a password-protected archive containing a setup file that embeds and executes multiple malicious payloads on the infected host, such as GCleaner, PrivateLoader, Raccoon, Redline, Smokeloader and Vidar malware.

