Quote: Researchers have documented the evolution of Loda, a Remote Access Trojan (RAT) which is leaving its simple roots to become an established threat in the US and other countries.
Loda was first observed in 2016. According to Proofpoint, the AutoIT-based RAT is able to access and exfiltrate both system and user information, act as a keylogger, take screenshots, launch and close processes, and download additional malware payloads via a connection to a command-and-control (C2) server.
A new version of the Trojan has been tracked in past months, revealing an upgraded arsenal.
Deemed a "simple yet effective RAT that has matured over time," the malware has been spotted in recent campaigns targeting victims across the US, alongside South and Central America, Cisco Talos cybersecurity researcher Chris Neal said on Wednesday.
The latest variant of Loda, version 1.1.1, has revamped obfuscation techniques to improve its stealth capabilities, and new mechanisms are also in play to maintain persistence on systems after shutdown.
Read more: https://www.zdnet.com/article/loda-troja...-exploits/