The Jlaive Crypter has been used for a long time by many threat actors as their main Crypter of choice.Įventually, the main developer of the Jlaive Crypter replied to the user:įigure 5: Jlaive Crypter developer response This comment was made by a confused potential customer that managed to identify the similarity between ScrubCrypter and the well known Jlaive Crypter. One interesting comment we stumbled upon was as follows: The seller describes the Crypter as an “antivirus evasion tool converts executables into undetectable batch files”.Ĭustomers can leave a review about the Crypter in the HackForum post thread. The seller of the Crypter “Scrubspoof” provides a list of Crypter features, which include: The price of the Crypter is 40 USD for a monthly subscription and goes up to 200 USD for a lifetime subscription. ScrubCrypt is a Crypter currently sold on HackForums, a hacking forum in the clear web, that anyone can access from their device. In this blog we review the ScrubCrypter and its origin, where threat actors can easily buy the Crypter, and how attackers use phishing campaigns to distribute the Crypter and its accompanying malware. However, it can also be used to encrypt, obfuscate, or manipulate malware to make it harder for AV’s to detect. It uses strong encryption algorithms to ensure the data remains secure from attackers. Over the past few weeks, Perception Point’s IR team has been investigating a Crypter, spread wildly via phishing emails that ultimately deliver RAT (Remote Access Trojan) malware from the Xworm family.Ī Crypter is a type of software used to encrypt, or hide, files or data so that they can be protected from unauthorized access.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |