The droppers are designed to drop a new version of SharkBot, dubbed V2 by Dutch security firm ThreatFabric, which features an updated command-and-control (C2) communication mechanism, a domain generation algorithm (DGA), and a fully refactored codebase.
Fox-IT said it discovered a newer version 2.25 on August 22, 2022, that introduces a function to siphon cookies when victims log in to their bank accounts, while also removing the ability to automatically reply to incoming messages with links to the malware for propagation.
Comments are closed.