A utility sold by an Italian company, which describes it as a legitimate encryption tool, is being used as a malware packer for the GuLoader dropper, researchers claim. The company says it has taken steps to prevent bad actors from using its wares for ill. GuLoader is a widespread dropper that compromises targets and delivers second-stage malware. It has been constantly updated over the course of 2020 with new binaries sporting sandbox evasion techniques, code randomization features, command-and-control (C2) URL encryption and additional payload encryption.
Source: https://threatpost.com/legitimate-italian-guloader-obfuscator/156443/

