The Evolution of a Cyber Threat: From JinxLoader to Astolfo Loader
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY:
JinxLoader, a Go-based malware loader distributed via phishing emails, has evolved into Astolfo Loader. Originally sold on Hack Forums, JinxLoader was designed to deploy additional malware on Windows and Linux systems. The malware is offered under a Malware-as-a-Service model, making sophisticated tools accessible to a broader range of cybercriminals. Astolfo Loader, a rebranded version written in C++, offers improved performance and a smaller file size. Both loaders employ anti-analysis techniques and geolocation checks before connecting to command-and-control servers. This evolution demonstrates the rapid spread and adaptation of malware variants in the cybercriminal ecosystem.
OPENCTI LABELS:
c2,jinxloader,astolfo loader