Spyder Loader Malware Tool Used in Attacks on Hong Kong Entities
Spyder Loader is the name of a malicious tool that was first spotted early last year. The same malware is now used in attack campaigns targeting entities located in Hong Kong.
Security researchers are tracking an ongoing malicious campaign codenamed CuckoBees. The experts believe the campaign's origins date back to 2019 and think its focus is cyber espionage and sensitive data theft.
Spyder Loader is classified as a Trojan. The payload is contained inside a portable executable DLL file named sqlite3.dll, posing as the legitimate file with the same name, but with malicious functionality inside it.
The list of victims on whose systems Spyder Loader was discovered and the appearance of the malware in campaigns linked to CuckoBees gives researchers grounds to think that Spyder Loader is being used in data theft and cyber espionage activities. Previous data stolen in CuckoBees attacks includes documents, schematics and formulas that are proprietary and comprise sensitive information.