Byakugan Malware Strikes Via Fake Adobe Installers, Evades Detection

April 6, 2024
  • A new malware, Byakugan, is spreading through fake Adobe Acrobat Reader installers.

  • Victims are tricked into downloading a malicious PDF file that suggests they need the Reader, initiating the malware installation.

  • Byakugan employs DLL hijacking and bypasses Windows User Account Control (UAC) to execute a harmful DLL while appearing to install a legitimate PDF reader.

  • The malware has extensive capabilities, including system data exfiltration, screenshot capture, and keystroke logging.

  • Separately, Rhadamanthys malware is masquerading as groupware installers, and WikiLoader is being spread via altered Notepad++.

  • These sophisticated threats, which blend legitimate and malicious software, are challenging conventional detection methods, underscoring the importance of advanced endpoint security.

Summary based on 1 source

