Smoke Loader Backdoor Gets Anti-Analysis Improvements
Security Week | August 08, 2017
The infamous Smoke Loader backdoor now has more complex anti-analysis techniques that allow it to remain a potent malware delivery mechanism, PhishLabs security researchers warn. Also known as Dofoil, Smoke Loader has been advertised on dark web forums since at least mid-2011. Packing a modular design, the malware can receive secondary execution instructions and/or download additional functional modules. Lately, the loader has been used in the distribution of malware such as the TrickBot banking Trojan and GlobeImposter ransomware.