DIRECTORY

  • Alerts
  • APTs
  • Blog
  • Books
  • Certifications
  • Cheat Sheets
  • Courses
  • Cyber Briefing
  • CyberDecoded
  • CyberReview
  • CyberStory
  • CyberTips
  • Definitions
  • Domains
  • Entertainment
  • FAQ
  • Frameworks
  • Hardware Tools
  • Incidents
  • Malware
  • News
  • Papers
  • Podcasts
  • Quotes
  • Reports
  • Tools
  • Threats
  • Tutorials
No Result
View All Result
  • Login
  • Register
  • Cyber Citizens
  • Cyber Professionals
  • Institutions
CyberMaterial
Talk To An Expert
  • Cyber Citizens
  • Cyber Professionals
  • Institutions
CyberMaterial
No Result
View All Result
Talk To An Expert
CyberMaterial
Home Alerts

HijackLoader Malware on the Rise

September 11, 2023
Reading Time: 2 mins read
in Alerts

Security researchers at Zscaler ThreatLabz have identified a growing threat in the form of a new malware loader known as HijackLoader. This loader has gained traction among cybercriminals over the past few months due to its modular structure, which enables code injection and execution support.

While not considered sophisticated, HijackLoader exhibits evasion techniques like syscalls to avoid detection by security solutions, process detection based on a blocklist, and code execution delays at different stages. It has been observed loading various malware families such as Danabot, SystemBC, and RedLine Stealer.

First spotted in July 2023, HijackLoader employs an array of anti-analysis features in its initial stage, including dynamic loading of WindowsI functions via custom API hashing and conducting an HTTP connectivity test to a legitimate website like mozilla.org before proceeding with execution.

The loader also maintains persistence by creating a shortcut file (LNK) in the Windows Startup folder, pointing it to a Background Intelligent Transfer Service (BITS) job that leads to the executable file.

Despite its unrefined code quality, the rising popularity of HijackLoader suggests potential future improvements and increased usage by various threat actors. Zscaler has shared Indicators of Compromise (IOCs) for HijackLoader, emphasizing its modular nature and evasion tactics, which make it a notable threat in the evolving landscape of malware loaders.

Source:
  • Technical Analysis of HijackLoader
Tags: AlertsAlerts 2023CyberattackCybersecurityHijackLoaderMalwareSeptember 2023VulnerabilitiesZScalerZscaler ThreatLabz
13
VIEWS
ADVERTISEMENT

Related Posts

Critical WordPress Plugin Flaws

Critical WordPress Plugin Flaws

September 29, 2023
Cisco Warns of Critical SD-WAN Flaw

Cisco Warns of Critical SD-WAN Flaw

September 29, 2023
Malicious Packages on npm and PyPI

Malicious Packages on npm and PyPI

September 29, 2023
Critical WordPress Plugin Flaws

Critical SharePoint Vulnerabilities Revealed

September 29, 2023

More Articles

Incidents

IT Services Provider Hit by Donut Gang

September 22, 2023
Alerts

Lazarus Group Threat to Healthcare

September 22, 2023
Cyber Briefing

September 22, 2023 – Cyber Briefing

September 22, 2023
Alerts

Chinese-Language Phishing Campaigns

September 20, 2023

Security through data

Cybersecurity Domains

  • API Security
  • Business Continuity
  • Career Development
  • Compliance
  • Cryptography
  • HSM
  • KPIs / KRIs
  • Penetration Testing
  • Shift Left
  • Vulnerability Scan

Emerging Technologies

  • 5G
  • Artificial Intelligence
  • Blockchain
  • Cryptocurrency
  • Deepfake
  • E-Commerce
  • Healthcare
  • IoT
  • Quantum Computing

Frameworks

  • CIS Controls
  • CCPA
  • GDPR
  • NIST
  • 23 NYCRR 500
  • HIPAA

Repository

  • Books
  • Certifications
  • Definitions
  • Documents
  • Entertainment
  • Quotes
  • Reports

Threats

  • APTs
  • DDoS
  • Insider Threat
  • Malware
  • Phishing
  • Ransomware
  • Social Engineering

© 2023 | CyberMaterial | All rights reserved.

World’s #1 Cybersecurity Repository

  • About
  • Legal and Privacy Policy
  • Site Map
No Result
View All Result
  • Alerts
  • Incidents
  • News
  • Audience
    • Cyber Citizens
    • Cyber Professionals
    • Institutions
  • Highlights
    • Blog
    • CyberDecoded
    • Cyber Review
    • CyberStory
    • CyberTips
  • Cyber Risks
    • Alerts
    • Attackers
    • Domains
    • Incidents
    • Threats
  • Opportunities
    • Events
    • Jobs
  • Repository
    • Books
    • Certifications
    • Cheat Sheets
    • Courses
    • Definitions
    • Frameworks
    • Games
    • Hardware Tools
    • Memes
    • Movies
    • Papers
    • Podcasts
    • Quotes
    • Reports
    • Tutorials
  • Report Cyber Incident
  • GET HELP
  • Contact Us

Subscribe to our newsletter

© 2022 Cybermaterial - Security Through Data .

Welcome Back!

Sign In with Google
Sign In with Linked In
OR

Forgotten Password? Sign Up

Create New Account!

Sign Up with Google
Sign Up with Linked In
OR

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.