Hunting PrivateLoader: The malware behind InstallsKey PPI service
Published at: https://www.bitsight.com/blog/hunting-privateloader-malware-behind-installskey-ppi-service
PrivateLoader is a loader from a pay-per-install (PPI) malware distribution service that has been used to distribute info stealers, banking trojans, loaders, spambots, RATs, miners and ransomware on Windows machines. It was first seen in early 2021, hosted on websites that claim to provide cracked software. Customers of the service can selectively deliver malware to victims based on location, financial activity, environment, and specific software installed. Let’s have a look at the malware and try to find a way to detect and hunt it....