New Buer Malware Downloader Rewritten in E-Z Rust Language
Quote: A variant of the Buer malware, which is being distributed in emails disguised as DHL support shipping notices, comes with a fresh code rewrite in the popular Rust language and looks like it may be in the process of prepping for rental to other cybercrooks.
Using the increasingly popular, efficient and easy-to-use Rust programming language will help the malware to slip past detection, Proofpoint researchers said in a post on Monday morning. The rigged emails are coming in two flavors. One is written in the more typical C programming language. The other’s written in Rust: a tactical shift that will help it tiptoe past detection in order to get more clicks.
Buer is what’s known as a first-stage downloader: a chunk of malware sold on the underground that threat actors use to get a foothold into compromised networks. These attack tools install other types of malware during and after phishing campaigns. Proofpoint research shows that these downloaders have become increasingly beefy over the past two years, boasting ever-more advanced profiling and targeting capabilities.
Proofpoint first came across Buer in 2019, and its researchers spotted the new variant in early April. This is what the DHL-themed, boobytrapped email looks like:
Any unfortunates who click on the malicious Microsoft Word or Excel attachment will trigger a drop of the new, Rust-written Buer variant, which researchers are calling RustyBuer. It’s cutting a wide path across the internet: More than 200 organizations across more than 50 verticals have been hit by the campaign, Proofpoint says.

Read more: Buer Malware Tool Rewritten in E-Z Rust Language | Threatpost