AceCryptor: a powerful weapon for cybercriminals to bypass detection and reverse engineering

    For about seven years, attackers have been hiding their malicious software using a universal tool.

    The Slovak company ESET said in a recent report that a cryptor called AceCryptor has been used by attackers of various stripes since 2016. This tool allows hackers to hide their malware from detection by specialized software and analysis by specialists.

    Cryptors are a type of malware that encrypts and obfuscates the code of other malware to make it harder to detect and reverse engineer.

    According to ESET, in 2021 and 2022 alone, more than 240,000 cases of AceCryptor use were discovered. That's over 10,000 uses per month. Over the same period, more than 80 thousand unique samples of this cryptor were discovered, with 7 thousand unique variants of the internal layout.

    Among the malware packaged with AceCryptor are such popular ones as SmokeLoader, RedLine Stealer, RanumBot, Raccoon Stealer, Stop, and Amadey.

    The largest number of infections with such encrypted malware was recorded in Peru, Egypt, Thailand, Indonesia, Turkey, Brazil, Mexico, South Africa, Poland and India.

    AceCryptor was first mentioned by Avast in August 2022. Back then, the tool was used to spread the Stop ransomware and the RedLine infostealer.

    AceCryptor-packaged malware is usually delivered to victims' computers using fake installers of pirated software, spam emails with malicious attachments, or other malware that has already compromised the target system.

    AceCryptor is also believed to be provided as a service (CaaS) to cybercriminals, as the tool is being used by multiple hacker groups to distribute a range of malware families.

    The cryptor itself is usually heavily obfuscated and uses a three-layer architecture for the gradual decryption and decompression of each stage of infection. It also includes methods of protection against virtual machines, debugging and analysis.

    Ultimately, the cryptor launches the necessary payload on the victim’s device in an extremely secretive and imperceptible way, which is why it is so popular with attackers.

    In March, we mentioned another cryptor called ScrubCrypt, which was used by several cryptojacking groups at once to illegally mine cryptocurrency on infected hosts. And at the beginning of the year, Check Point discovered a packer called TrickGate that had been used to deploy a wide range of malware such as TrickBot, Emotet, AZORult, Agent Tesla, FormBook, Cerber, Maze, and REvil for more than six years.

    Author DeepWeb