The authors behind the resurfaced ZLoader malware have added a feature that was originally present in the Zeus banking trojan that it's based on, indicating that it's being actively developed.
"The latest version, 2.4.1.0, introduces a feature to prevent execution on machines that differ from the original infection," Zscaler ThreatLabz researcher Santiago
Threat hunters have identified a new campaign that delivers the ZLoader malware, resurfacing nearly two years after the botnet's infrastructure was dismantled in April 2022.
A new variant of the malware is said to have been in development since September 2023, Zscaler ThreatLabz said in an analysis published this month.
"The new version of ZLoader made significant changes to the loader
A developing threat activity cluster has been found using Google Ads in one of its campaigns to distribute various post-compromise payloads, including the recently discoveredΒ Royal ransomware.
Microsoft, which spotted the updated malware delivery method in late October 2022, is tracking the group under the nameΒ DEV-0569.
"Observed DEV-0569 attacks show a pattern of continuous innovation, with