
Cybercrime is targeting Italy with a new version of JasperLoader

Cisco Talos: Cybercrime is targeting Italy with a new version of JasperLoader to infect systems with additional payloads, such as Gootkit. It features several changes and improvements from the initial version

Cybercrime is targeting Italy with a new version of JasperLoader, discovered by Cisco Talos cyber security experts. The malware loader – used to infect systems with additional payloads that can exfiltrate sensitive information, damage systems or negatively impact organizations – has targeted Italy and other European countries with banking trojans such as Gootkit over the past few months. Recently, the distribution activity associated with these campaigns halted. But after several weeks of relatively low volumes of activity, the researchers discovered a new version of the malicious code being spread. It features several changes and improvements from the initial version.

The cyber security experts: the actors behind JasperLoader implemented additional mechanisms to control where the malware can spread and are now taking steps to avoid analysis by sandboxes and antivirus companies. Furthermore, it continues to target Italian victims

Cybercrime actors behind JasperLoader implemented additional mechanisms to control where the malware can spread and are now taking steps to avoid analysis by sandboxes and antivirus companies. According to the cyber security experts, there’s also a new command and control (C2) mechanism to facilitate communications between infected systems and the infrastructure being used to control them. The campaigns that are currently distributing the malicious code continue to target Italian victims. They further demonstrate that, while JasperLoader is a relatively new threat, the developers behind it are continuing to actively refine and improve this malware at a rapid pace and to introduce sophistication that is not commonly seen in financially motivated malware.