Industry: N/A | Level: Operational | Source: CheckPoint
Research provided by Golan Cohen from CheckPoint Research identifies new activity with ZLoader malware. The malware utilizes compromised remote software management – Atera for initial access. Following the agent install, batch scripts are executed to setup persistence and modify properties of windows defender. The malware attempts to utilize stealth utilizing many LOLBin binaries.
January 05, 2022