Latest Evasion news

New Bifrost malware for Linux mimics VMware domain for evasion

A new Linux variant of the Bifrost remote access trojan (RAT) employs several novel evasion techniques, including the use of a deceptive domain that was made to appear as part of VMware.
- Bill Toulas
- February 29, 2024
- 04:36 PM
- 0
MacOS info-stealers quickly evolve to evade XProtect detection

Multiple information stealers for the macOS platform have demonstrated the capability to evade detection even when security companies follow and report about new variants frequently.
- Bill Toulas
- January 16, 2024
- 04:29 PM
- 1
FjordPhantom Android malware uses virtualization to evade detection

A new Android malware named FjordPhantom has been discovered using virtualization to run malicious code in a container and evade detection.
- Bill Toulas
- November 30, 2023
- 09:00 AM
- 0
Hackers exploit Windows policy to load malicious kernel drivers

Microsoft blocked code signing certificates predominantly used by Chinese hackers and developers to sign and load malicious kernel mode drivers on breached systems by exploiting a Windows policy loophole.
- Bill Toulas
- July 11, 2023
- 01:00 PM
- 1
New malware variant has “radio silence” mode to evade detection

The Sharp Panda cyber-espionage hacking group was observed targeting high-profile government entities in Vietnam, Thailand, and Indonesia, using a new version of the 'Soul' malware framework.
- Bill Toulas
- March 07, 2023
- 05:49 PM
- 2
New stealthy 'Beep' malware focuses heavily on evading detection

A new stealthy malware named 'Beep' was discovered last week, featuring many features to evade analysis and detection by security software.
- Bill Toulas
- February 14, 2023
- 09:44 AM
- 1
Raspberry Robin worm drops fake malware to confuse researchers

The Raspberry Robin malware is now trying its hand at some trickery by dropping a fake payload to confuse researchers and evade detection when it detects it's being run within sandboxes and debugging tools.
- Bill Toulas
- December 20, 2022
- 10:15 AM
- 0
Twitter images can be abused to hide ZIP, MP3 files — here's how

Yesterday, a researcher disclosed a method of hiding up to three MB of data inside a Twitter image. In his demonstration, the researcher showed both MP3 audio files and ZIP archives contained within the PNG images hosted on Twitter.
- Ax Sharma
- March 17, 2021
- 10:50 AM
- 1
Microsoft shares how SolarWinds hackers evaded detection

Microsoft today shared details on how the SolarWinds hackers were able to remain undetected by hiding their malicious activity inside the networks of breached companies.
- Sergiu Gatlan
- January 20, 2021
- 03:54 PM
- 0
Linux malware authors use Ezuri Golang crypter for zero detection

Multiple malware authors are using the "Ezuri" crypter and memory loader written in Go to evade detection by antivirus products. Source code for Ezuri is available on GitHub for anyone to use.
- Ax Sharma
- January 07, 2021
- 06:00 AM
- 2
TrickBot malware uses obfuscated Windows batch script to evade detection

This week researchers analyze BAT script obfuscation techniques used by Trickbot's 100 to evade antivirus detection.
- Ax Sharma
- November 24, 2020
- 09:00 AM
- 0
Sneaky Office 365 phishing inverts images to evade detection

A creative Office 365 phishing campaign has been inverting images used as backgrounds for landing pages to avoid getting flagged as malicious by crawlers designed to spot phishing sites.
- Sergiu Gatlan
- November 04, 2020
- 09:00 AM
- 0
Thanos ransomware auto-spreads to Windows devices, evades security

The Thanos ransomware is the first to use a researcher-disclosed RIPlace anti-ransomware evasion technique as well as numerous other advanced features that make it a serious threat to keep an eye on.
- Lawrence Abrams
- June 10, 2020
- 02:57 PM
- 4
New Evasion Encyclopedia Shows How Malware Detects Virtual Machines

A new Malware Evasion Encyclopedia has been launched that offers insight into the various methods malware uses to detect if it is running under a virtual environment.
- Lawrence Abrams
- March 01, 2020
- 01:51 PM
- 0