An ongoing ZLoader malware campaign has been uncovered exploiting a nine-year-old flaw concerning Microsoft’s digital signature verification to siphon user credentials and sensitive information. The campaign is said to have claimed 2,170 victims across 111 countries as of January 2, 2022. It’s also notable for the fact that it wraps itself in layers of obfuscation and other detection-evasion methods to elude detection and analysis. Zloader has been employed by many an attacker to steal cookies, passwords, and other private information.”]
Source: https://thehackernews.com/2022/01/new-zloader-banking-malware-campaign.html