ViperSoftX Malware Expands Targets to Include Password Managers in Information Theft Scheme

Published by Ari Denial on May 01, 2024

The ViperSoftX malware, known for stealing information primarily related to cryptocurrencies, gained notoriety in 2022 for hiding malicious code within log files.

However, since its initial discovery in November, the malware has evolved to include the use of DLL sideloading for its arrival and execution, along with a more sophisticated encryption method of byte remapping and monthly rotation of command-and-control servers. This new update makes decryption and analysis of the shellcode more challenging for analysts, as the correct byte map is necessary for proper decryption.

Researchers from Trend Micro have recently reported that ViperSoftX, an information-stealing malware that was first discovered in 2020, has expanded its focus beyond just cryptocurrencies. The malware is now targeting additional cryptocurrency wallets and browsers such as Brave, Edge, Opera, and Firefox, as well as password managers.

The latest version of the malware also features stronger code encryption and new evasion techniques to bypass security software. According to Trend Micro’s analysis, the malware has affected both the consumer and enterprise sectors, with the majority of the victims located in the US, Japan, Italy, Taiwan, Australia, Malaysia, France, and India.

According to the analysts’ findings, the malware usually enters systems disguised as benign software such as software cracks, activators, or key generators.

Avast’s documentation of the version revealed that VenomSoftX had targeted various cryptocurrency wallets such as Binance, eToro, Kucoin, Blockchain, Coinbase, Kraken, and Gate.io.

Trend Micro’s report highlights that ViperSoftX has become more concerning, as the malware is now targeting two password managers, specifically 1Password and KeePass 2, in an effort to extract sensitive data saved within their browser extensions.

The latest version of ViperSoftX includes anti-detection, anti-analysis, and stealth features such as DLL sideloading, virtualization and monitoring tool checks, byte mapping encryption, and a new communication blocker to avoid C2 infrastructure analysis and detection.
