LokiBot Impersonates Popular Game Launcher And Drops Compiled C Code File
After a quiet period, cybersecurity researchers from Trend Micro[3] revealed a renewed malware campaign impersonating the launcher for multiplayer video game Fortnite. A massive malspam campaign has been spotted imitating the launcher for Epic Games, which after granting permission launches the #C code allowing to bypass security systems and the .NET file that opens the backdoor for data leaking.
LokiBot Impersonates Popular Game Launcher and Drops Compiled C Code File
During the first week of March, Morphisec intercepted and prevented an advanced Lokibot delivery campaign on some of its customers in the financial sector. While Lokibot has been lately reported to be delivered via impersonation of a known game launcher, previously it was also delivered through advanced AutoIt obfuscated Frenchy shellcode.