A new variant of the Astaroth Trojan family used YouTube channels for command-and-control (C&C) in order to evade detection. The operation applied multiple layers of obfuscation before using living-off-the-land binaries (LoLBins) to advance the infection. It then ran evasion checks and anti-analysis routines, and relied on YouTube channels as its primary C&C infrastructure, so that its C&C traffic blended in with ordinary requests to a widely used, trusted service. Security professionals can help defend their organizations against evasive malware by training their machine learning (ML) models to spot such evasive tactics.
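The combination described above, a LoLBin stage followed by C&C over a legitimate video-hosting service, is something a detection engineer can hunt for directly in endpoint network telemetry. The following is an added example, not code from the original write-up or from any vendor analysis: it runs a simple heuristic over constructed, Sysmon-style network-connection events and flags any process from a list of representative LoLBins that connects to a YouTube-related domain. The LoLBin list, the domain list and the sample events are assumptions for illustration (the summary names none of them), so tune all three to your own environment.

```python
import json
from typing import Iterable

# Representative living-off-the-land binaries. This list is an assumption for the
# example; the write-up above does not name the specific LoLBins the variant used.
LOLBINS = {"regsvr32.exe", "certutil.exe", "wmic.exe", "mshta.exe",
           "rundll32.exe", "bitsadmin.exe"}

# Domains a YouTube-hosted C&C channel resolves to (assumed for the example).
SUSPECT_DOMAINS = ("youtube.com", "youtu.be", "googlevideo.com")


def domain_matches(hostname: str) -> bool:
    """True if hostname equals a suspect domain or is a subdomain of one.

    Matching on '.' + domain avoids false hits such as 'notyoutube.com'
    or 'youtube.com.evil.net'.
    """
    h = hostname.lower().rstrip(".")
    return any(h == d or h.endswith("." + d) for d in SUSPECT_DOMAINS)


def detect(events: Iterable[dict]) -> list[dict]:
    """Return an alert for every network event in which a LoLBin reaches a suspect domain.

    Browsers and media players talk to YouTube all day; a system utility such as
    wmic.exe or regsvr32.exe doing so is the anomaly worth surfacing.
    """
    alerts = []
    for ev in events:
        # Reduce the full image path to the bare executable name, case-insensitively.
        image = ev.get("image", "").rsplit("\\", 1)[-1].lower()
        if image in LOLBINS and domain_matches(ev.get("dest_host", "")):
            alerts.append({
                "pid": ev["pid"],
                "image": image,
                "dest_host": ev["dest_host"],
                "rule": "lolbin_to_video_hosting_domain",
            })
    return alerts


def load_events(text: str) -> list[dict]:
    """Parse one JSON object per line, skipping blank lines."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


# Constructed sample telemetry in a simplified Sysmon Event ID 3 (network
# connection) shape. These are made-up records, not captured logs.
SAMPLE_LOG = """
{"pid": 4120, "image": "C:\\\\Program Files\\\\Mozilla Firefox\\\\firefox.exe", "dest_host": "www.youtube.com", "dest_port": 443}
{"pid": 5532, "image": "C:\\\\Windows\\\\System32\\\\wmic.exe", "dest_host": "www.youtube.com", "dest_port": 443}
{"pid": 5610, "image": "C:\\\\Windows\\\\System32\\\\certutil.exe", "dest_host": "update.example.net", "dest_port": 80}
{"pid": 5702, "image": "C:\\\\Windows\\\\System32\\\\regsvr32.exe", "dest_host": "r3---sn-abc.googlevideo.com", "dest_port": 443}
"""


def run_sample() -> list[dict]:
    """Run the detector over the constructed sample and return the alerts."""
    return detect(load_events(SAMPLE_LOG))


if __name__ == "__main__":
    for alert in run_sample():
        print(alert)
```

Only the wmic.exe and regsvr32.exe events are flagged: the Firefox connection to YouTube is expected behaviour, and certutil.exe reaching an unrelated host falls outside this rule (it may deserve its own). In production you would also key on process lineage, since a LoLBin spawned from an Office or script-host parent is a stronger signal than the destination alone.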

