"These attacks capitalize on the popularity of Lua gaming engine supplements within the student gamer community," Morphisec researcher Shmuel Uzan said in a new report, adding that "this malware strain is highly prevalent across North America, South America, Europe, Asia, and even Australia."
McAfee Labs detailed threat actors' use of the same technique to deliver a variant of the RedLine information stealer by hosting the malware-bearing ZIP archives within legitimate Microsoft repositories.
Morphisec's analysis has uncovered a shift in the malware delivery mechanism, a simplification that's likely an effort to fly under the radar. "The malware is frequently delivered using obfuscated Lua scripts instead of compiled Lua bytecode," Uzan explained.
The ZIP archive comes with files designed to exploit the user's system, ultimately leading to further infections and malicious activities.
Collection
[
|
...
]