/*
 * This file is part of the Symfony package.
 *
 * (c) Fabien Potencier <fabien@symfony.com>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace Symfony\Component\String;

if (!\function_exists(u::class)) {
    function u(?string $string = ''): UnicodeString
    {
        return new UnicodeString($string ?? '');
    }
}

if (!\function_exists(b::class)) {
    function b(?string $string = ''): ByteString
    {
        return new ByteString($string ?? '');
    }
}

if (!\function_exists(s::class)) {
    /**
     * @return UnicodeString|ByteString
     */
    function s(?string $string = ''): AbstractString
    {
        $string = $string ?? '';

        return preg_match('//u', $string) ? new UnicodeString($string) : new ByteString($string);
    }
}
<!DOCTYPE html>
<html lang="en-US">

<head>
	<meta charset='UTF-8'>
	<meta name="viewport" content="width=device-width, initial-scale=1">
	<link rel="profile" href="http://gmpg.org/xfn/11">
		<title>Malware &#8211; Page 11 &#8211; OWASP Jakarta</title>
<meta name='robots' content='max-image-preview:large' />
	<style>img:is([sizes="auto" i], [sizes^="auto," i]) { contain-intrinsic-size: 3000px 1500px }</style>
	<link rel='dns-prefetch' href='//fonts.googleapis.com' />
<link rel="alternate" type="application/rss+xml" title="OWASP Jakarta &raquo; Feed" href="https://owasp.or.id/feed/" />
<link rel="alternate" type="application/rss+xml" title="OWASP Jakarta &raquo; Comments Feed" href="https://owasp.or.id/comments/feed/" />
<link rel="alternate" type="application/rss+xml" title="OWASP Jakarta &raquo; Malware Tag Feed" href="https://owasp.or.id/tag/malware/feed/" />
<script type="text/javascript">
/* <![CDATA[ */
window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.1.0\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.1.0\/svg\/","svgExt":".svg","source":{"concatemoji":"https:\/\/owasp.or.id\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.8.1"}};
/*! This file is auto-generated */
!function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,JSON.stringify(t))}catch(e){}}function p(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data),r=(e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(n,0,0),new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data));return t.every(function(e,t){return e===r[t]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65\udb40\udc6e\udb40\udc67\udb40\udc7f","\ud83c\udff4\u200b\udb40\udc67\u200b\udb40\udc62\u200b\udb40\udc65\u200b\udb40\udc6e\u200b\udb40\udc67\u200b\udb40\udc7f");case"emoji":return!n(e,"\ud83d\udc26\u200d\ud83d\udd25","\ud83d\udc26\u200b\ud83d\udd25")}return!1}function f(e,t,n){var r="undefined"!=typeof WorkerGlobalScope&&self instanceof WorkerGlobalScope?new OffscreenCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t.defer=!0,i.head.appendChild(t)}"undefined"!=typeof Promise&&(o="wpEmojiSettingsSupports",s=["flag","emoji"],n.supports={everything:!0,everythingExceptFlag:!0},e=new Promise(function(e){i.addEventListener("DOMContentLoaded",e,{once:!0})}),new Promise(function(t){var n=function(){try{var e=JSON.parse(sessionStorage.getItem(o));if("object"==typeof e&&"number"==typeof e.timestamp&&(new Date).valueOf()<e.timestamp+604800&&"object"==typeof e.supportTests)return e.supportTests}catch(e){}return null}();if(!n){if("undefined"!=typeof Worker&&"undefined"!=typeof OffscreenCanvas&&"undefined"!=typeof URL&&URL.createObjectURL&&"undefined"!=typeof Blob)try{var e="postMessage("+f.toString()+"("+[JSON.stringify(s),u.toString(),p.toString()].join(",")+"));",r=new Blob([e],{type:"text/javascript"}),a=new Worker(URL.createObjectURL(r),{name:"wpTestEmojiSupports"});return void(a.onmessage=function(e){c(n=e.data),a.terminate(),t(n)})}catch(e){}c(n=f(s,u,p))}t(n)}).then(function(e){for(var t in e)n.supports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.supports.flag,n.DOMReady=!1,n.readyCallback=function(){n.DOMReady=!0}}).then(function(){return e}).then(function(){var e;n.supports.everything||(n.readyCallback(),(e=n.source||{}).concatemoji?t(e.concatemoji):e.wpemoji&&e.twemoji&&(t(e.twemoji),t(e.wpemoji)))}))}((window,document),window._wpemojiSettings);
/* ]]> */
</script>
<style id='wp-emoji-styles-inline-css' type='text/css'>

	img.wp-smiley, img.emoji {
		display: inline !important;
		border: none !important;
		box-shadow: none !important;
		height: 1em !important;
		width: 1em !important;
		margin: 0 0.07em !important;
		vertical-align: -0.1em !important;
		background: none !important;
		padding: 0 !important;
	}
</style>
<link rel='stylesheet' id='wp-block-library-css' href='https://owasp.or.id/wp-includes/css/dist/block-library/style.min.css?ver=6.8.1' type='text/css' media='all' />
<style id='classic-theme-styles-inline-css' type='text/css'>
/*! This file is auto-generated */
.wp-block-button__link{color:#fff;background-color:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none}
</style>
<style id='global-styles-inline-css' type='text/css'>
:root{--wp--preset--aspect-ratio--square: 1;--wp--preset--aspect-ratio--4-3: 4/3;--wp--preset--aspect-ratio--3-4: 3/4;--wp--preset--aspect-ratio--3-2: 3/2;--wp--preset--aspect-ratio--2-3: 2/3;--wp--preset--aspect-ratio--16-9: 16/9;--wp--preset--aspect-ratio--9-16: 9/16;--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--wp--preset--color--luminous-vivid-amber: #fcb900;--wp--preset--color--light-green-cyan: #7bdcb5;--wp--preset--color--vivid-green-cyan: #00d084;--wp--preset--color--pale-cyan-blue: #8ed1fc;--wp--preset--color--vivid-cyan-blue: #0693e3;--wp--preset--color--vivid-purple: #9b51e0;--wp--preset--color--accent: #e91e63;--wp--preset--color--background-color: #E5E5E5;--wp--preset--color--header-gradient: #a81d84;--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple: linear-gradient(135deg,rgba(6,147,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradient(135deg,rgba(252,185,0,1) 0%,rgba(255,105,0,1) 100%);--wp--preset--gradient--luminous-vivid-orange-to-vivid-red: linear-gradient(135deg,rgba(255,105,0,1) 0%,rgb(207,46,46) 100%);--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray: linear-gradient(135deg,rgb(238,238,238) 0%,rgb(169,184,195) 100%);--wp--preset--gradient--cool-to-warm-spectrum: linear-gradient(135deg,rgb(74,234,220) 0%,rgb(151,120,209) 20%,rgb(207,42,186) 40%,rgb(238,44,130) 60%,rgb(251,105,98) 80%,rgb(254,248,76) 100%);--wp--preset--gradient--blush-light-purple: linear-gradient(135deg,rgb(255,206,236) 0%,rgb(152,150,240) 100%);--wp--preset--gradient--blush-bordeaux: linear-gradient(135deg,rgb(254,205,165) 0%,rgb(254,45,45) 50%,rgb(107,0,62) 100%);--wp--preset--gradient--luminous-dusk: linear-gradient(135deg,rgb(255,203,112) 0%,rgb(199,81,192) 50%,rgb(65,88,208) 100%);--wp--preset--gradient--pale-ocean: linear-gradient(135deg,rgb(255,245,203) 0%,rgb(182,227,212) 50%,rgb(51,167,181) 100%);--wp--preset--gradient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-size--medium: 20px;--wp--preset--font-size--large: 36px;--wp--preset--font-size--x-large: 42px;--wp--preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5rem;--wp--preset--spacing--60: 2.25rem;--wp--preset--spacing--70: 3.38rem;--wp--preset--spacing--80: 5.06rem;--wp--preset--shadow--natural: 6px 6px 9px rgba(0, 0, 0, 0.2);--wp--preset--shadow--deep: 12px 12px 50px rgba(0, 0, 0, 0.4);--wp--preset--shadow--sharp: 6px 6px 0px rgba(0, 0, 0, 0.2);--wp--preset--shadow--outlined: 6px 6px 0px -3px rgba(255, 255, 255, 1), 6px 6px rgba(0, 0, 0, 1);--wp--preset--shadow--crisp: 6px 6px 0px rgba(0, 0, 0, 1);}:root :where(.is-layout-flow) > :first-child{margin-block-start: 0;}:root :where(.is-layout-flow) > :last-child{margin-block-end: 0;}:root :where(.is-layout-flow) > *{margin-block-start: 24px;margin-block-end: 0;}:root :where(.is-layout-constrained) > :first-child{margin-block-start: 0;}:root :where(.is-layout-constrained) > :last-child{margin-block-end: 0;}:root :where(.is-layout-constrained) > *{margin-block-start: 24px;margin-block-end: 0;}:root :where(.is-layout-flex){gap: 24px;}:root :where(.is-layout-grid){gap: 24px;}body .is-layout-flex{display: flex;}.is-layout-flex{flex-wrap: wrap;align-items: center;}.is-layout-flex > :is(*, div){margin: 0;}body .is-layout-grid{display: grid;}.is-layout-grid > :is(*, div){margin: 0;}.has-black-color{color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-color{color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-color{color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-color{color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-color{color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-color{color: var(--wp--preset--color--vivid-purple) !important;}.has-accent-color{color: var(--wp--preset--color--accent) !important;}.has-background-color-color{color: var(--wp--preset--color--background-color) !important;}.has-header-gradient-color{color: var(--wp--preset--color--header-gradient) !important;}.has-black-background-color{background-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-background-color{background-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-background-color{background-color: var(--wp--preset--color--white) !important;}.has-pale-pink-background-color{background-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-background-color{background-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-background-color{background-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-background-color{background-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-background-color{background-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-background-color{background-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-background-color{background-color: var(--wp--preset--color--vivid-purple) !important;}.has-accent-background-color{background-color: var(--wp--preset--color--accent) !important;}.has-background-color-background-color{background-color: var(--wp--preset--color--background-color) !important;}.has-header-gradient-background-color{background-color: var(--wp--preset--color--header-gradient) !important;}.has-black-border-color{border-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-border-color{border-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color: var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-border-color{border-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-border-color{border-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-border-color{border-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-border-color{border-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-border-color{border-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-border-color{border-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-border-color{border-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-border-color{border-color: var(--wp--preset--color--vivid-purple) !important;}.has-accent-border-color{border-color: var(--wp--preset--color--accent) !important;}.has-background-color-border-color{border-color: var(--wp--preset--color--background-color) !important;}.has-header-gradient-border-color{border-color: var(--wp--preset--color--header-gradient) !important;}.has-vivid-cyan-blue-to-vivid-purple-gradient-background{background: var(--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple) !important;}.has-light-green-cyan-to-vivid-green-cyan-gradient-background{background: var(--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan) !important;}.has-luminous-vivid-amber-to-luminous-vivid-orange-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange) !important;}.has-luminous-vivid-orange-to-vivid-red-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-orange-to-vivid-red) !important;}.has-very-light-gray-to-cyan-bluish-gray-gradient-background{background: var(--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray) !important;}.has-cool-to-warm-spectrum-gradient-background{background: var(--wp--preset--gradient--cool-to-warm-spectrum) !important;}.has-blush-light-purple-gradient-background{background: var(--wp--preset--gradient--blush-light-purple) !important;}.has-blush-bordeaux-gradient-background{background: var(--wp--preset--gradient--blush-bordeaux) !important;}.has-luminous-dusk-gradient-background{background: var(--wp--preset--gradient--luminous-dusk) !important;}.has-pale-ocean-gradient-background{background: var(--wp--preset--gradient--pale-ocean) !important;}.has-electric-grass-gradient-background{background: var(--wp--preset--gradient--electric-grass) !important;}.has-midnight-gradient-background{background: var(--wp--preset--gradient--midnight) !important;}.has-small-font-size{font-size: var(--wp--preset--font-size--small) !important;}.has-medium-font-size{font-size: var(--wp--preset--font-size--medium) !important;}.has-large-font-size{font-size: var(--wp--preset--font-size--large) !important;}.has-x-large-font-size{font-size: var(--wp--preset--font-size--x-large) !important;}
:root :where(.wp-block-pullquote){font-size: 1.5em;line-height: 1.6;}
</style>
<link rel='stylesheet' id='bootstrap-css' href='https://owasp.or.id/wp-content/themes/hestia/assets/bootstrap/css/bootstrap.min.css?ver=1.0.2' type='text/css' media='all' />
<link rel='stylesheet' id='hestia-font-sizes-css' href='https://owasp.or.id/wp-content/themes/hestia/assets/css/font-sizes.min.css?ver=3.2.11' type='text/css' media='all' />
<link rel='stylesheet' id='hestia_style-css' href='https://owasp.or.id/wp-content/themes/hestia/style.min.css?ver=3.2.11' type='text/css' media='all' />
<style id='hestia_style-inline-css' type='text/css'>
.hestia-top-bar,.hestia-top-bar .widget.widget_shopping_cart .cart_list{background-color:#363537}.hestia-top-bar .widget .label-floating input[type=search]:-webkit-autofill{-webkit-box-shadow:inset 0 0 0 9999px #363537}.hestia-top-bar,.hestia-top-bar .widget .label-floating input[type=search],.hestia-top-bar .widget.widget_search form.form-group:before,.hestia-top-bar .widget.widget_product_search form.form-group:before,.hestia-top-bar .widget.widget_shopping_cart:before{color:#fff}.hestia-top-bar .widget .label-floating input[type=search]{-webkit-text-fill-color:#fff !important}.hestia-top-bar div.widget.widget_shopping_cart:before,.hestia-top-bar .widget.widget_product_search form.form-group:before,.hestia-top-bar .widget.widget_search form.form-group:before{background-color:#fff}.hestia-top-bar a,.hestia-top-bar .top-bar-nav li a{color:#fff}.hestia-top-bar ul li a[href*="mailto:"]:before,.hestia-top-bar ul li a[href*="tel:"]:before{background-color:#fff}.hestia-top-bar a:hover,.hestia-top-bar .top-bar-nav li a:hover{color:#eee}.hestia-top-bar ul li:hover a[href*="mailto:"]:before,.hestia-top-bar ul li:hover a[href*="tel:"]:before{background-color:#eee}
:root{--hestia-primary-color:#e91e63}a,.navbar .dropdown-menu li:hover>a,.navbar .dropdown-menu li:focus>a,.navbar .dropdown-menu li:active>a,.navbar .navbar-nav>li .dropdown-menu li:hover>a,body:not(.home) .navbar-default .navbar-nav>.active:not(.btn)>a,body:not(.home) .navbar-default .navbar-nav>.active:not(.btn)>a:hover,body:not(.home) .navbar-default .navbar-nav>.active:not(.btn)>a:focus,a:hover,.card-blog a.moretag:hover,.card-blog a.more-link:hover,.widget a:hover,.has-text-color.has-accent-color,p.has-text-color a{color:#e91e63}.svg-text-color{fill:#e91e63}.pagination span.current,.pagination span.current:focus,.pagination span.current:hover{border-color:#e91e63}button,button:hover,.woocommerce .track_order button[type="submit"],.woocommerce .track_order button[type="submit"]:hover,div.wpforms-container .wpforms-form button[type=submit].wpforms-submit,div.wpforms-container .wpforms-form button[type=submit].wpforms-submit:hover,input[type="button"],input[type="button"]:hover,input[type="submit"],input[type="submit"]:hover,input#searchsubmit,.pagination span.current,.pagination span.current:focus,.pagination span.current:hover,.btn.btn-primary,.btn.btn-primary:link,.btn.btn-primary:hover,.btn.btn-primary:focus,.btn.btn-primary:active,.btn.btn-primary.active,.btn.btn-primary.active:focus,.btn.btn-primary.active:hover,.btn.btn-primary:active:hover,.btn.btn-primary:active:focus,.btn.btn-primary:active:hover,.hestia-sidebar-open.btn.btn-rose,.hestia-sidebar-close.btn.btn-rose,.hestia-sidebar-open.btn.btn-rose:hover,.hestia-sidebar-close.btn.btn-rose:hover,.hestia-sidebar-open.btn.btn-rose:focus,.hestia-sidebar-close.btn.btn-rose:focus,.label.label-primary,.hestia-work .portfolio-item:nth-child(6n+1) .label,.nav-cart .nav-cart-content .widget .buttons .button,.has-accent-background-color[class*="has-background"]{background-color:#e91e63}@media(max-width:768px){.navbar-default .navbar-nav>li>a:hover,.navbar-default .navbar-nav>li>a:focus,.navbar .navbar-nav .dropdown .dropdown-menu li a:hover,.navbar .navbar-nav .dropdown .dropdown-menu li a:focus,.navbar button.navbar-toggle:hover,.navbar .navbar-nav li:hover>a i{color:#e91e63}}body:not(.woocommerce-page) button:not([class^="fl-"]):not(.hestia-scroll-to-top):not(.navbar-toggle):not(.close),body:not(.woocommerce-page) .button:not([class^="fl-"]):not(hestia-scroll-to-top):not(.navbar-toggle):not(.add_to_cart_button):not(.product_type_grouped):not(.product_type_external),div.wpforms-container .wpforms-form button[type=submit].wpforms-submit,input[type="submit"],input[type="button"],.btn.btn-primary,.widget_product_search button[type="submit"],.hestia-sidebar-open.btn.btn-rose,.hestia-sidebar-close.btn.btn-rose,.everest-forms button[type=submit].everest-forms-submit-button{-webkit-box-shadow:0 2px 2px 0 rgba(233,30,99,0.14),0 3px 1px -2px rgba(233,30,99,0.2),0 1px 5px 0 rgba(233,30,99,0.12);box-shadow:0 2px 2px 0 rgba(233,30,99,0.14),0 3px 1px -2px rgba(233,30,99,0.2),0 1px 5px 0 rgba(233,30,99,0.12)}.card .header-primary,.card .content-primary,.everest-forms button[type=submit].everest-forms-submit-button{background:#e91e63}body:not(.woocommerce-page) .button:not([class^="fl-"]):not(.hestia-scroll-to-top):not(.navbar-toggle):not(.add_to_cart_button):hover,body:not(.woocommerce-page) button:not([class^="fl-"]):not(.hestia-scroll-to-top):not(.navbar-toggle):not(.close):hover,div.wpforms-container .wpforms-form button[type=submit].wpforms-submit:hover,input[type="submit"]:hover,input[type="button"]:hover,input#searchsubmit:hover,.widget_product_search button[type="submit"]:hover,.pagination span.current,.btn.btn-primary:hover,.btn.btn-primary:focus,.btn.btn-primary:active,.btn.btn-primary.active,.btn.btn-primary:active:focus,.btn.btn-primary:active:hover,.hestia-sidebar-open.btn.btn-rose:hover,.hestia-sidebar-close.btn.btn-rose:hover,.pagination span.current:hover,.everest-forms button[type=submit].everest-forms-submit-button:hover,.everest-forms button[type=submit].everest-forms-submit-button:focus,.everest-forms button[type=submit].everest-forms-submit-button:active{-webkit-box-shadow:0 14px 26px -12px rgba(233,30,99,0.42),0 4px 23px 0 rgba(0,0,0,0.12),0 8px 10px -5px rgba(233,30,99,0.2);box-shadow:0 14px 26px -12px rgba(233,30,99,0.42),0 4px 23px 0 rgba(0,0,0,0.12),0 8px 10px -5px rgba(233,30,99,0.2);color:#fff}.form-group.is-focused .form-control{background-image:-webkit-gradient(linear,left top,left bottom,from(#e91e63),to(#e91e63)),-webkit-gradient(linear,left top,left bottom,from(#d2d2d2),to(#d2d2d2));background-image:-webkit-linear-gradient(linear,left top,left bottom,from(#e91e63),to(#e91e63)),-webkit-linear-gradient(linear,left top,left bottom,from(#d2d2d2),to(#d2d2d2));background-image:linear-gradient(linear,left top,left bottom,from(#e91e63),to(#e91e63)),linear-gradient(linear,left top,left bottom,from(#d2d2d2),to(#d2d2d2))}.navbar:not(.navbar-transparent) li:not(.btn):hover>a,.navbar li.on-section:not(.btn)>a,.navbar.full-screen-menu.navbar-transparent li:not(.btn):hover>a,.navbar.full-screen-menu .navbar-toggle:hover,.navbar:not(.navbar-transparent) .nav-cart:hover,.navbar:not(.navbar-transparent) .hestia-toggle-search:hover{color:#e91e63}.header-filter-gradient{background:linear-gradient(45deg,rgba(168,29,132,1) 0,rgb(234,57,111) 100%)}.has-text-color.has-header-gradient-color{color:#a81d84}.has-header-gradient-background-color[class*="has-background"]{background-color:#a81d84}.has-text-color.has-background-color-color{color:#E5E5E5}.has-background-color-background-color[class*="has-background"]{background-color:#E5E5E5}
.btn.btn-primary:not(.colored-button):not(.btn-left):not(.btn-right):not(.btn-just-icon):not(.menu-item),input[type="submit"]:not(.search-submit),body:not(.woocommerce-account) .woocommerce .button.woocommerce-Button,.woocommerce .product button.button,.woocommerce .product button.button.alt,.woocommerce .product #respond input#submit,.woocommerce-cart .blog-post .woocommerce .cart-collaterals .cart_totals .checkout-button,.woocommerce-checkout #payment #place_order,.woocommerce-account.woocommerce-page button.button,.woocommerce .track_order button[type="submit"],.nav-cart .nav-cart-content .widget .buttons .button,.woocommerce a.button.wc-backward,body.woocommerce .wccm-catalog-item a.button,body.woocommerce a.wccm-button.button,form.woocommerce-form-coupon button.button,div.wpforms-container .wpforms-form button[type=submit].wpforms-submit,div.woocommerce a.button.alt,div.woocommerce table.my_account_orders .button,.btn.colored-button,.btn.btn-left,.btn.btn-right,.btn:not(.colored-button):not(.btn-left):not(.btn-right):not(.btn-just-icon):not(.menu-item):not(.hestia-sidebar-open):not(.hestia-sidebar-close){padding-top:15px;padding-bottom:15px;padding-left:33px;padding-right:33px}
:root{--hestia-button-border-radius:3px}.btn.btn-primary:not(.colored-button):not(.btn-left):not(.btn-right):not(.btn-just-icon):not(.menu-item),input[type="submit"]:not(.search-submit),body:not(.woocommerce-account) .woocommerce .button.woocommerce-Button,.woocommerce .product button.button,.woocommerce .product button.button.alt,.woocommerce .product #respond input#submit,.woocommerce-cart .blog-post .woocommerce .cart-collaterals .cart_totals .checkout-button,.woocommerce-checkout #payment #place_order,.woocommerce-account.woocommerce-page button.button,.woocommerce .track_order button[type="submit"],.nav-cart .nav-cart-content .widget .buttons .button,.woocommerce a.button.wc-backward,body.woocommerce .wccm-catalog-item a.button,body.woocommerce a.wccm-button.button,form.woocommerce-form-coupon button.button,div.wpforms-container .wpforms-form button[type=submit].wpforms-submit,div.woocommerce a.button.alt,div.woocommerce table.my_account_orders .button,input[type="submit"].search-submit,.hestia-view-cart-wrapper .added_to_cart.wc-forward,.woocommerce-product-search button,.woocommerce-cart .actions .button,#secondary div[id^=woocommerce_price_filter] .button,.woocommerce div[id^=woocommerce_widget_cart].widget .buttons .button,.searchform input[type=submit],.searchform button,.search-form:not(.media-toolbar-primary) input[type=submit],.search-form:not(.media-toolbar-primary) button,.woocommerce-product-search input[type=submit],.btn.colored-button,.btn.btn-left,.btn.btn-right,.btn:not(.colored-button):not(.btn-left):not(.btn-right):not(.btn-just-icon):not(.menu-item):not(.hestia-sidebar-open):not(.hestia-sidebar-close){border-radius:3px}
@media(min-width:769px){.page-header.header-small .hestia-title,.page-header.header-small .title,h1.hestia-title.title-in-content,.main article.section .has-title-font-size{font-size:42px}}
</style>
<link rel='stylesheet' id='hestia_fonts-css' href='https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C700%7CRoboto+Slab%3A400%2C700&#038;subset=latin%2Clatin-ext&#038;ver=3.2.11' type='text/css' media='all' />
<script type="text/javascript" src="https://owasp.or.id/wp-includes/js/jquery/jquery.min.js?ver=3.7.1" id="jquery-core-js"></script>
<script type="text/javascript" src="https://owasp.or.id/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1" id="jquery-migrate-js"></script>
<link rel="https://api.w.org/" href="https://owasp.or.id/wp-json/" /><link rel="alternate" title="JSON" type="application/json" href="https://owasp.or.id/wp-json/wp/v2/tags/88" /><link rel="EditURI" type="application/rsd+xml" title="RSD" href="https://owasp.or.id/xmlrpc.php?rsd" />
<meta name="generator" content="WordPress 6.8.1" />
<link rel="icon" href="https://owasp.or.id/wp-content/uploads/2023/10/owaspjkt-150x150.png" sizes="32x32" />
<link rel="icon" href="https://owasp.or.id/wp-content/uploads/2023/10/owaspjkt.png" sizes="192x192" />
<link rel="apple-touch-icon" href="https://owasp.or.id/wp-content/uploads/2023/10/owaspjkt.png" />
<meta name="msapplication-TileImage" content="https://owasp.or.id/wp-content/uploads/2023/10/owaspjkt.png" />
</head>

<body class="archive paged tag tag-malware tag-88 wp-custom-logo paged-11 tag-paged-11 wp-theme-hestia header-layout-default">
		<div class="wrapper  default ">
		<header class="header ">
			<div style="display: none"></div>		<nav class="navbar navbar-default  hestia_left navbar-not-transparent navbar-fixed-top">
						<div class="container">
						<div class="navbar-header">
			<div class="title-logo-wrapper">
				<a class="navbar-brand" href="https://owasp.or.id/"
						title="OWASP Jakarta">
					<img  src="https://owasp.or.id/wp-content/uploads/2023/10/owaspjkt.png" alt="OWASP Jakarta" width="1667" height="563"></a>
			</div>
								<div class="navbar-toggle-wrapper">
						<button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#main-navigation">
								<span class="icon-bar"></span><span class="icon-bar"></span><span class="icon-bar"></span>				<span class="sr-only">Toggle Navigation</span>
			</button>
					</div>
				</div>
		<div id="main-navigation" class="collapse navbar-collapse"><ul id="menu-home" class="nav navbar-nav"><li id="menu-item-386" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-home menu-item-386"><a title="Home" href="https://owasp.or.id">Home</a></li>
<li id="menu-item-383" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-has-children menu-item-383 dropdown"><a title="Meetup" href="https://owasp.or.id/meetup/" class="dropdown-toggle">Meetup <span class="caret-wrap"><span class="caret"><svg aria-hidden="true" focusable="false" data-prefix="fas" data-icon="chevron-down" class="svg-inline--fa fa-chevron-down fa-w-14" role="img" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><path d="M207.029 381.476L12.686 187.132c-9.373-9.373-9.373-24.569 0-33.941l22.667-22.667c9.357-9.357 24.522-9.375 33.901-.04L224 284.505l154.745-154.021c9.379-9.335 24.544-9.317 33.901.04l22.667 22.667c9.373 9.373 9.373 24.569 0 33.941L240.971 381.476c-9.373 9.372-24.569 9.372-33.942 0z"></path></svg></span></span></a>
<ul role="menu" class="dropdown-menu">
	<li id="menu-item-457" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-457"><a title="Meetup.com" href="https://www.meetup.com/owasp-jakarta-chapter/">Meetup.com</a></li>
</ul>
</li>
<li id="menu-item-385" class="menu-item menu-item-type-custom menu-item-object-custom menu-item-385"><a title="Sitemap" href="https://owasp.or.id/sitemap_index.xml">Sitemap</a></li>
<li id="menu-item-384" class="menu-item menu-item-type-post_type menu-item-object-page menu-item-384"><a title="Contact" href="https://owasp.or.id/contact/">Contact</a></li>
</ul></div>			</div>
					</nav>
				</header>
<div id="primary" class="boxed-layout-header page-header header-small" data-parallax="active" ><div class="container"><div class="row"><div class="col-md-10 col-md-offset-1 text-center"><h1 class="hestia-title">Malware</h1></div></div></div><div class="header-filter" style="background-image: url(https://owasp.or.id/wp-content/uploads/2023/10/cropped-owaspjkt3.webp);"></div></div>
<div class="main  main-raised ">
	<div class="hestia-blogs" data-layout="full-width">
		<div class="container">
			<div class="row">
								<div class="col-md-10 col-md-offset-1 blog-posts-wrap">
					<article 
		id="post-2620" 
		class="card card-blog card-plain post-2620 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-backdoored tag-courtroom tag-deploys tag-javs tag-malware tag-recording tag-rustdoor tag-software"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/05/25/javs-courtroom-recording-software-backdoored-deploys-rustdoor-malware/" title="JAVS Courtroom Recording Software Backdoored &#8211; Deploys RustDoor Malware"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/05/JAVS-Courtroom-Recording-Software-Backdoored-Deploys-RustDoor-Malware-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="JAVS Courtroom Recording Software Backdoored - Deploys RustDoor Malware" decoding="async" fetchpriority="high" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/05/25/javs-courtroom-recording-software-backdoored-deploys-rustdoor-malware/" title="JAVS Courtroom Recording Software Backdoored &#8211; Deploys RustDoor Malware" rel="bookmark">JAVS Courtroom Recording Software Backdoored &#8211; Deploys RustDoor Malware</a></h2><div class="card-description entry-summary "><p>JAVS Courtroom Recording Software Backdoored &#8211; Deploys RustDoor Malware Malicious actors have backdoored the installer associated with courtroom video recording software developed by Justice AV Solutions (JAVS) to deliver malware that&#8217;s associated with a known backdoor called RustDoor. The software supply chain attack, tracked as&nbsp;CVE-2024-4978, impacts JAVS Viewer v8.3.7, a<a class="moretag" href="https://owasp.or.id/2024/05/25/javs-courtroom-recording-software-backdoored-deploys-rustdoor-malware/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/05/25/javs-courtroom-recording-software-backdoored-deploys-rustdoor-malware/"><time class="entry-date published" datetime="2024-05-25T02:41:15+00:00" content="2024-05-25">1 year</time> ago </a></div></div></div></article><article 
		id="post-2613" 
		class="card card-blog card-plain post-2613 post type-post status-publish format-standard hentry category-news tag-android tag-antivirus tag-deliver tag-devices tag-fake tag-malware tag-websites tag-windows"><div class="row "><div class= "col-sm-12"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/05/24/fake-antivirus-websites-deliver-malware-to-android-and-windows-devices/" title="Fake Antivirus Websites Deliver Malware to Android and Windows Devices" rel="bookmark">Fake Antivirus Websites Deliver Malware to Android and Windows Devices</a></h2><div class="card-description entry-summary "><p>Fake Antivirus Websites Deliver Malware to Android and Windows Devices Threat actors have been observed making use of fake websites masquerading as legitimate antivirus solutions from Avast, Bitdefender, and Malwarebytes to propagate malware capable of stealing sensitive information from Android and Windows devices. &#8220;Hosting malicious software through sites which look<a class="moretag" href="https://owasp.or.id/2024/05/24/fake-antivirus-websites-deliver-malware-to-android-and-windows-devices/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/05/24/fake-antivirus-websites-deliver-malware-to-android-and-windows-devices/"><time class="entry-date published" datetime="2024-05-24T14:37:19+00:00" content="2024-05-24">1 year</time> ago </a></div></div></div></article><article 
		id="post-2569" 
		class="card card-blog card-plain post-2569 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-cloud tag-deceive tag-delivery tag-exploits tag-malware tag-services tag-trick tag-unicode tag-users"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/05/21/malware-delivery-via-cloud-services-exploits-unicode-trick-to-deceive-users/" title="Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/05/Malware-Delivery-via-Cloud-Services-Exploits-Unicode-Trick-to-Deceive-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users" decoding="async" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/05/21/malware-delivery-via-cloud-services-exploits-unicode-trick-to-deceive-users/" title="Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users" rel="bookmark">Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users</a></h2><div class="card-description entry-summary "><p>Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users A new attack campaign dubbed&nbsp;CLOUD#REVERSER&nbsp;has been observed leveraging legitimate cloud storage services like Google Drive and Dropbox to stage malicious payloads. &#8220;The VBScript and PowerShell scripts in the CLOUD#REVERSER inherently involves command-and-control-like activities by using Google Drive and Dropbox<a class="moretag" href="https://owasp.or.id/2024/05/21/malware-delivery-via-cloud-services-exploits-unicode-trick-to-deceive-users/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/05/21/malware-delivery-via-cloud-services-exploits-unicode-trick-to-deceive-users/"><time class="entry-date published" datetime="2024-05-21T17:04:18+00:00" content="2024-05-21">1 year</time> ago </a></div></div></div></article><article 
		id="post-2567" 
		class="card card-blog card-plain post-2567 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-attempts tag-evolves tag-infrastructure tag-malware tag-multitiered tag-resist tag-solarmarker tag-takedown"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/05/21/solarmarker-malware-evolves-to-resist-takedown-attempts-with-multi-tiered-infrastructure/" title="SolarMarker Malware Evolves to Resist Takedown Attempts with Multi-Tiered Infrastructure"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/05/SolarMarker-Malware-Evolves-to-Resist-Takedown-Attempts-with-Multi-Tiered-Infrastructure-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="SolarMarker Malware Evolves to Resist Takedown Attempts with Multi-Tiered Infrastructure" decoding="async" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/05/21/solarmarker-malware-evolves-to-resist-takedown-attempts-with-multi-tiered-infrastructure/" title="SolarMarker Malware Evolves to Resist Takedown Attempts with Multi-Tiered Infrastructure" rel="bookmark">SolarMarker Malware Evolves to Resist Takedown Attempts with Multi-Tiered Infrastructure</a></h2><div class="card-description entry-summary "><p>SolarMarker Malware Evolves to Resist Takedown Attempts with Multi-Tiered Infrastructure The persistent threat actors behind the&nbsp;SolarMarker&nbsp;information-stealing malware have established a multi-tiered infrastructure to complicate law enforcement takedown efforts, new findings from Recorded Future show. &#8220;The core of SolarMarker&#8217;s operations is its layered infrastructure, which consists of at least two clusters:<a class="moretag" href="https://owasp.or.id/2024/05/21/solarmarker-malware-evolves-to-resist-takedown-attempts-with-multi-tiered-infrastructure/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/05/21/solarmarker-malware-evolves-to-resist-takedown-attempts-with-multi-tiered-infrastructure/"><time class="entry-date published" datetime="2024-05-21T14:01:45+00:00" content="2024-05-21">1 year</time> ago </a></div></div></div></article><article 
		id="post-2557" 
		class="card card-blog card-plain post-2557 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-arsenal tag-deliver tag-diverse tag-exploited tag-flaw tag-foxit tag-hackers tag-malware tag-pdf tag-reader"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/05/20/foxit-pdf-reader-flaw-exploited-by-hackers-to-deliver-diverse-malware-arsenal/" title="Foxit PDF Reader Flaw Exploited by Hackers to Deliver Diverse Malware Arsenal"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/05/Foxit-PDF-Reader-Flaw-Exploited-by-Hackers-to-Deliver-Diverse-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="Foxit PDF Reader Flaw Exploited by Hackers to Deliver Diverse Malware Arsenal" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/05/20/foxit-pdf-reader-flaw-exploited-by-hackers-to-deliver-diverse-malware-arsenal/" title="Foxit PDF Reader Flaw Exploited by Hackers to Deliver Diverse Malware Arsenal" rel="bookmark">Foxit PDF Reader Flaw Exploited by Hackers to Deliver Diverse Malware Arsenal</a></h2><div class="card-description entry-summary "><p>Foxit PDF Reader Flaw Exploited by Hackers to Deliver Diverse Malware Arsenal Multiple threat actors are weaponizing a design flaw in Foxit PDF Reader to deliver a variety of malware such as Agent Tesla, AsyncRAT, DCRat, NanoCore RAT, NjRAT, Pony, Remcos RAT, and XWorm. &#8220;This exploit triggers security warnings that<a class="moretag" href="https://owasp.or.id/2024/05/20/foxit-pdf-reader-flaw-exploited-by-hackers-to-deliver-diverse-malware-arsenal/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/05/20/foxit-pdf-reader-flaw-exploited-by-hackers-to-deliver-diverse-malware-arsenal/"><time class="entry-date published" datetime="2024-05-20T13:51:32+00:00" content="2024-05-20">1 year</time> ago </a></div></div></div></article><article 
		id="post-2555" 
		class="card card-blog card-plain post-2555 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-cocktail tag-criminals tag-cyber tag-deliver tag-exploit tag-filezilla tag-github tag-malware"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/05/20/cyber-criminals-exploit-github-and-filezilla-to-deliver-cocktail-malware/" title="Cyber Criminals Exploit GitHub and FileZilla to Deliver Cocktail Malware"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/05/Cyber-Criminals-Exploit-GitHub-and-FileZilla-to-Deliver-Cocktail-Malware-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="Cyber Criminals Exploit GitHub and FileZilla to Deliver Cocktail Malware" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/05/20/cyber-criminals-exploit-github-and-filezilla-to-deliver-cocktail-malware/" title="Cyber Criminals Exploit GitHub and FileZilla to Deliver Cocktail Malware" rel="bookmark">Cyber Criminals Exploit GitHub and FileZilla to Deliver Cocktail Malware</a></h2><div class="card-description entry-summary "><p>Cyber Criminals Exploit GitHub and FileZilla to Deliver Cocktail Malware A &#8220;multi-faceted campaign&#8221; has been observed abusing legitimate services like GitHub and FileZilla to deliver an array of stealer malware and banking trojans such as Atomic (aka AMOS), Vidar, Lumma (aka LummaC2), and Octo by impersonating credible software like 1Password,<a class="moretag" href="https://owasp.or.id/2024/05/20/cyber-criminals-exploit-github-and-filezilla-to-deliver-cocktail-malware/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/05/20/cyber-criminals-exploit-github-and-filezilla-to-deliver-cocktail-malware/"><time class="entry-date published" datetime="2024-05-20T10:50:42+00:00" content="2024-05-20">1 year</time> ago </a></div></div></div></article><article 
		id="post-2553" 
		class="card card-blog card-plain post-2553 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-campaigns tag-emerges tag-icedid039s tag-latrodectus tag-loader tag-malware tag-phishing tag-successor"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/05/20/latrodectus-malware-loader-emerges-as-icedids-successor-in-phishing-campaigns/" title="Latrodectus Malware Loader Emerges as IcedID&#039;s Successor in Phishing Campaigns"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/05/Latrodectus-Malware-Loader-Emerges-as-IcedID039s-Successor-in-Phishing-Campaigns-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="Latrodectus Malware Loader Emerges as IcedID&#039;s Successor in Phishing Campaigns" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/05/20/latrodectus-malware-loader-emerges-as-icedids-successor-in-phishing-campaigns/" title="Latrodectus Malware Loader Emerges as IcedID&#039;s Successor in Phishing Campaigns" rel="bookmark">Latrodectus Malware Loader Emerges as IcedID&#039;s Successor in Phishing Campaigns</a></h2><div class="card-description entry-summary "><p>Latrodectus Malware Loader Emerges as IcedID&#039;s Successor in Phishing Campaigns Cybersecurity researchers have observed a spike in email phishing campaigns starting early March 2024 that delivers&nbsp;Latrodectus, a nascent malware loader believed to be the successor to the IcedID malware. &#8220;These campaigns typically involve a recognizable infection chain involving oversized JavaScript<a class="moretag" href="https://owasp.or.id/2024/05/20/latrodectus-malware-loader-emerges-as-icedids-successor-in-phishing-campaigns/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/05/20/latrodectus-malware-loader-emerges-as-icedids-successor-in-phishing-campaigns/"><time class="entry-date published" datetime="2024-05-20T07:49:47+00:00" content="2024-05-20">1 year</time> ago </a></div></div></div></article><article 
		id="post-2531" 
		class="card card-blog card-plain post-2531 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-campaign tag-exploit tag-facebook tag-hackers tag-korean tag-malware tag-messenger tag-north tag-targeted"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/05/16/north-korean-hackers-exploit-facebook-messenger-in-targeted-malware-campaign/" title="North Korean Hackers Exploit Facebook Messenger in Targeted Malware Campaign"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/05/North-Korean-Hackers-Exploit-Facebook-Messenger-in-Targeted-Malware-Campaign-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="North Korean Hackers Exploit Facebook Messenger in Targeted Malware Campaign" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/05/16/north-korean-hackers-exploit-facebook-messenger-in-targeted-malware-campaign/" title="North Korean Hackers Exploit Facebook Messenger in Targeted Malware Campaign" rel="bookmark">North Korean Hackers Exploit Facebook Messenger in Targeted Malware Campaign</a></h2><div class="card-description entry-summary "><p>North Korean Hackers Exploit Facebook Messenger in Targeted Malware Campaign The North Korea-linked&nbsp;Kimsuky hacking group&nbsp;has been attributed to a new social engineering attack that employs fictitious Facebook accounts to targets via Messenger and ultimately delivers malware. &#8220;The threat actor created a Facebook account with a fake identity disguised as a<a class="moretag" href="https://owasp.or.id/2024/05/16/north-korean-hackers-exploit-facebook-messenger-in-targeted-malware-campaign/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/05/16/north-korean-hackers-exploit-facebook-messenger-in-targeted-malware-campaign/"><time class="entry-date published" datetime="2024-05-16T16:11:31+00:00" content="2024-05-16">1 year</time> ago </a></div></div></div></article><article 
		id="post-2527" 
		class="card card-blog card-plain post-2527 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-botnet tag-compromises tag-ebury tag-linux tag-malware tag-servers tag-years"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/05/16/ebury-botnet-malware-compromises-400000-linux-servers-over-past-14-years/" title="Ebury Botnet Malware Compromises 400,000 Linux Servers Over Past 14 Years"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/05/Ebury-Botnet-Malware-Compromises-400000-Linux-Servers-Over-Past-14-360x240.jpg" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="Ebury Botnet Malware Compromises 400,000 Linux Servers Over Past 14 Years" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/05/16/ebury-botnet-malware-compromises-400000-linux-servers-over-past-14-years/" title="Ebury Botnet Malware Compromises 400,000 Linux Servers Over Past 14 Years" rel="bookmark">Ebury Botnet Malware Compromises 400,000 Linux Servers Over Past 14 Years</a></h2><div class="card-description entry-summary "><p>Ebury Botnet Malware Compromises 400,000 Linux Servers Over Past 14 Years A malware botnet called&nbsp;Ebury&nbsp;is estimated to have compromised 400,000 Linux servers since 2009, out of which more than 100,000 were still compromised as of late 2023. The findings come from Slovak cybersecurity firm ESET, which characterized it as one<a class="moretag" href="https://owasp.or.id/2024/05/16/ebury-botnet-malware-compromises-400000-linux-servers-over-past-14-years/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/05/16/ebury-botnet-malware-compromises-400000-linux-servers-over-past-14-years/"><time class="entry-date published" datetime="2024-05-16T10:07:11+00:00" content="2024-05-16">1 year</time> ago </a></div></div></div></article><article 
		id="post-2479" 
		class="card card-blog card-plain post-2479 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-039durian039 tag-crypto tag-deploy tag-firms tag-golang tag-hackers tag-korean tag-malware tag-north"><div class="row "><div class="col-ms-5 col-sm-5"><div class="card-image"><a href="https://owasp.or.id/2024/05/10/north-korean-hackers-deploy-new-golang-malware-durian-against-crypto-firms/" title="North Korean Hackers Deploy New Golang Malware &#039;Durian&#039; Against Crypto Firms"><img width="360" height="240" src="https://owasp.or.id/wp-content/uploads/2024/05/North-Korean-Hackers-Deploy-New-Golang-Malware-039Durian039-Against-Crypto-360x240.png" class="attachment-hestia-blog size-hestia-blog wp-post-image" alt="North Korean Hackers Deploy New Golang Malware &#039;Durian&#039; Against Crypto Firms" decoding="async" loading="lazy" /></a></div></div><div class= "col-ms-7 col-sm-7"><span class="category text-info"><a href="https://owasp.or.id/category/news/" title="View all posts in News"  rel="tag">News</a> </span><h2 class="card-title entry-title"><a href="https://owasp.or.id/2024/05/10/north-korean-hackers-deploy-new-golang-malware-durian-against-crypto-firms/" title="North Korean Hackers Deploy New Golang Malware &#039;Durian&#039; Against Crypto Firms" rel="bookmark">North Korean Hackers Deploy New Golang Malware &#039;Durian&#039; Against Crypto Firms</a></h2><div class="card-description entry-summary "><p>North Korean Hackers Deploy New Golang Malware &#039;Durian&#039; Against Crypto Firms The North Korean threat actor tracked as Kimsuky has been observed deploying a previously undocumented Golang-based malware dubbed&nbsp;Durian&nbsp;as part of highly-targeted cyber attacks aimed at two South Korean cryptocurrency firms. &#8220;Durian boasts comprehensive backdoor functionality, enabling the execution of<a class="moretag" href="https://owasp.or.id/2024/05/10/north-korean-hackers-deploy-new-golang-malware-durian-against-crypto-firms/"> Read more&hellip;</a></p>
</div><div class="posted-by vcard author">By <a href="https://owasp.or.id/author/bbgwp/" title="adminowasp" class="url"><b class="author-name fn">adminowasp</b></a>, <a href="https://owasp.or.id/2024/05/10/north-korean-hackers-deploy-new-golang-malware-durian-against-crypto-firms/"><time class="entry-date published" datetime="2024-05-10T18:01:38+00:00" content="2024-05-10">1 year</time> ago </a></div></div></div></article>
	<nav class="navigation pagination" aria-label="Posts pagination">
		<h2 class="screen-reader-text">Posts pagination</h2>
		<div class="nav-links"><a class="prev page-numbers" href="https://owasp.or.id/tag/malware/page/10/">Previous</a>
<a class="page-numbers" href="https://owasp.or.id/tag/malware/">1</a>
<span class="page-numbers dots">&hellip;</span>
<a class="page-numbers" href="https://owasp.or.id/tag/malware/page/10/">10</a>
<span aria-current="page" class="page-numbers current">11</span>
<a class="page-numbers" href="https://owasp.or.id/tag/malware/page/12/">12</a>
<span class="page-numbers dots">&hellip;</span>
<a class="page-numbers" href="https://owasp.or.id/tag/malware/page/22/">22</a>
<a class="next page-numbers" href="https://owasp.or.id/tag/malware/page/12/">Next</a></div>
	</nav>				</div>
							</div>
		</div>
	</div>
</div>
					<footer class="footer footer-black footer-big">
						<div class="container">
																<div class="hestia-bottom-footer-content"><ul class="footer-menu pull-left"><li class="page_item page-item-17 current_page_parent"><a href="https://owasp.or.id/blog/">Blog</a></li>
<li class="page_item page-item-16"><a href="https://owasp.or.id/contact/">Contact</a></li>
<li class="page_item page-item-998"><a href="https://owasp.or.id/gdpr/">GDPR</a></li>
<li class="page_item page-item-345"><a href="https://owasp.or.id/meetup/">Meetup</a></li>
<li class="page_item page-item-360"><a href="https://owasp.or.id/sitemap/">SiteMap</a></li>
</ul>
<div class="copyright pull-right">Hestia | Developed by <a href="https://themeisle.com" rel="nofollow">ThemeIsle</a></div></div>			</div>
					</footer>
			</div>
<script type="speculationrules">
{"prefetch":[{"source":"document","where":{"and":[{"href_matches":"\/*"},{"not":{"href_matches":["\/wp-*.php","\/wp-admin\/*","\/wp-content\/uploads\/*","\/wp-content\/*","\/wp-content\/plugins\/*","\/wp-content\/themes\/hestia\/*","\/*\\?(.+)"]}},{"not":{"selector_matches":"a[rel~=\"nofollow\"]"}},{"not":{"selector_matches":".no-prefetch, .no-prefetch a"}}]},"eagerness":"conservative"}]}
</script>
<script type="text/javascript" src="https://owasp.or.id/wp-content/themes/hestia/assets/bootstrap/js/bootstrap.min.js?ver=1.0.2" id="jquery-bootstrap-js"></script>
<script type="text/javascript" src="https://owasp.or.id/wp-includes/js/jquery/ui/core.min.js?ver=1.13.3" id="jquery-ui-core-js"></script>
<script type="text/javascript" id="hestia_scripts-js-extra">
/* <![CDATA[ */
var requestpost = {"ajaxurl":"https:\/\/owasp.or.id\/wp-admin\/admin-ajax.php","disable_autoslide":"","masonry":""};
/* ]]> */
</script>
<script type="text/javascript" src="https://owasp.or.id/wp-content/themes/hestia/assets/js/script.min.js?ver=3.2.11" id="hestia_scripts-js"></script>
</body>
</html>