New WikiLoader malware evades detection, targeting Italian organizations. It uses various vectors for distribution, such as macro-enabled documents and PDFs. The malware is highly obfuscated and uses indirect syscalls and sandbox hooks to evade analysis. It also employs packed downloaders and has multiple versions under rapid development. Initial access brokers could use it to deliver other malware. Recommended measures include disabling macros, blocking execution of external files within OneNote, and adjusting default file extension associations. #WikiLoader #malware #cybersecurity #ItalianOrganizations #evadedetection
https://www.infosecurity-magazine.com/news/new-wikiloader-malware-extreme/