Verblecon Malware Delivers Miners & Ransomware
The Verblecon Malware is designed to load other malicious payloads onto the infected device while bypassing various security measures and features. The criminals are using the Verblecon Malware in combination with a wide range of threats, such as cryptocurrency miners or even ransomware. The first samples of the Verblecon Malware can be traced back to the start of 2022, so it seems that the criminals abusing it have managed to stay under the radar for some time.
Verblecon Malware sticks to attacking Windows devices, and it appears to be written in the Java programming language. This means that its creators could eventually tailor it to work on other operating systems, since Java has cross-platform support. Another notable fact about this malware is that it appears to receive regular updates aimed at improving its ability to evade various security features.
Just like other loaders, this one is heavily encrypted and has tons of junk code to make analysis much more challenging. Researchers need to spend weeks separating the junk code and reverse engineering the cleverly encoded functions in order to reveal more about Verblecon Malware's modus operandi. The criminals have also implemented a wide range of checks to make sure that the loader will not run in a simulated environment used for malware analysis. The threat checks hardware details, drivers, and various system files to try to identify virtual machines. The Verblecon Malware is certainly a sophisticated piece of malware, which may easily pave a path for other dangerous payloads. Victims can stay protected from it by being more careful with the types of content they interact with online, as well as by investing in reputable anti-malware software.