TxHollower is an updated version of a malware-loading technique that allows adversaries to more effectively sneak malware past some antivirus software defenses. The latest version of the loader is the most prevalent in the wild, researchers say. The most common payloads are Smoke loader, NetWire, njRat and Pony stealer. An unknown criminal group or groups has updated the malware since researchers first began tracking it last year. The malware is being distributed on black markets online, which explains wider adoption of the malware.
Source: https://threatpost.com/new-loader-variant-behind-widespread-malware-attacks/146683/

