Today > | 1 Medium vulnerabilities   -   You can now download lists of IOCs here!

D3F@ck Loader, the New MaaS Loader

May 21, 2024, 9:07 p.m.

Description

In March 2024, eSentire's Threat Response Unit (TRU) discovered multiple instances of D3F@ck Loader infections being propagated via Google Ads. This new loader, which debuted on hacking forums in January 2024 (Figure 1), can allegedly bypass several key security features such as Google Chrome, Edge, Windows Defender alerts, and SmartScreen.

Date

Published: May 21, 2024, 9:03 p.m.

Created: May 21, 2024, 9:03 p.m.

Modified: May 21, 2024, 9:07 p.m.

Indicators

116.202.188.155

194.147.35.251

https://pastebin.com/raw/ZmJsLQWU

Attack Patterns

T1110

T1199

T1055

T1553

T1059

CVE-2024-3400

Additional Informations

Food

Construction

Retail

Healthcare

Legal

Education

Finance

Government

Manufacturing