OnionCrypter Threat Research | Avast

Christopher Budd, 17 March 2021

We've protected nearly 400,000 global Avast users from malware that makes use of OnionCrypter
Today’s malware is a lot like a car. Both cars and malware are made up of many components that enable them to run. Cars have different parts like engines, tires, and steering wheels; malware has loaders, payloads, and command modules.
Recently, researchers at Avast Threat Labs spent time looking at a specific “part” that malware authors use to make their “cars”. It’s called a “crypter”: a tool that uses encryption to hide the malicious parts of code, so that the code appears harmless and is more difficult to read. Malware authors use this technique to hide their malicious code from researchers, antivirus and security software. From a malware author’s point of view, a crypter is an important tool for countering protections against malware. From a researcher’s point of view, though, being able to identify a crypter helps us identify new malware better and more quickly when that malware contains this component.
Introducing OnionCrypter
Our researchers looked into a specific crypter that we’re calling OnionCrypter. We’ve chosen this name because this particular crypter uses multiple techniques to make it harder for researchers, antivirus, and security software to read the information that it protects. Put simply, the information is hidden within the layers of the “onion” of its encryption. OnionCrypter is unusual because of the way it uses multiple layers to hide its information. It’s important to note that the name reflects the many layers this crypter uses, and it’s in no way related to the Tor browser or network.
We also found that OnionCrypter has been widely u ..
