- XWorm resurfaces with versions 6.0–6.5, now maintained by alias XCoderTools
- Malware includes RAT, ransomware, data theft, DoS and over 35 modular plugins
- Trellix reports rising VirusTotal samples; phishing remains key delivery method
XWorm, the infamous backdoor malware that wreaked havoc several years ago, has apparently returned after a year-long hiatus.
Security researchers found three new versions, 6.0, 6.4 and 6.5, that have appeared on the dark web, with several threat actors using them in their campaigns.
XWorm was built and maintained by a threat actor named XCoder, back in 2022. They used to share details and updates on Telegram before they went dark. The last version of the malware was XWorm 5.6, which was apparently vulnerable to remote code execution.
Several capabilities
It is not known whether the original developer is back or whether the tool was picked up by a separate threat actor. In any case, it is now maintained by the alias XCoderTools.
The malware itself now comes with several new capabilities as well as a modular design.
Its primary function, working as a remote access trojan (RAT), is still there. It also comes with a ransomware module and the ability to steal sensitive information from compromised devices, monitor the clipboard, log keystrokes and capture screenshots.
It can execute arbitrary commands on the infected system, manage files, draw us details and launch denial-of-service (DoS) attacks.
In all, more than 35 plugins tailor its functionality to the target, making XWorm a very versatile and dangerous malware.
Cybercriminals can now acquire the tool for a $500 lifetime subscription. The XCoderTools advertisement further emphasizes that the RCE vulnerability has also been addressed.
It seems to be working, as security researchers at Trellix saw an uptick in XWorm samples uploaded to VirusTotal.
The best way for companies to defend against new XWorm attacks is to adopt a multi-layered security approach that can respond to attacks even after compromise. Training staff on the dangers of phishing can also help, as XWorm is mostly delivered via email.
Via BleepingComputer



