#Summary:
- Zscaler ThreatLabz has discovered a new malware called BunnyLoader, available on underground forums.
- BunnyLoader is a fileless loader written in C/C++; being fileless makes it difficult to detect.
- It has various capabilities including keylogging, hijacking cryptocurrency wallet addresses, and remote command execution.
- BunnyLoader has been evolving, receiving updates and bug fixes since its release on September 4, 2023.
- It uses a command-and-control panel for tasks like downloading additional malware and managing infected machines.
- The malware uses persistence mechanisms and anti-sandbox tactics, and communicates with C2 servers.
- It records keystrokes and exfiltrates data from web browsers, cryptocurrency wallets, and VPN clients.
- BunnyLoader also includes a clipper module that replaces cryptocurrency addresses in a victim's clipboard.
- Zscaler's ThreatLabz will continue monitoring BunnyLoader to ensure customer safety.
#Hashtags:
#BunnyLoader #malware #filelessloader #keylogging #cryptocurrency #cybersecurity #C2panel
https://www.infosecurity-magazine.com/news/bunnyloader-targets-browsers-crypto/