More sophisticated BunnyLoader malware variant emerges

Information-stealing malware-as-a-service threat BunnyLoader has been updated in its third iteration with new data theft modules, more advanced keylogging features, smaller payloads, and increased stealth, according to The Hacker News.

In addition to novel denial-of-service capabilities, BunnyLoader 3.0 ships its DoS, keylogging, clipping, and data exfiltration modules as separate binaries, a report from Palo Alto Networks Unit 42 revealed. Attacks with BunnyLoader 3.0 also used an unknown dropper to distribute PureCrypter, which then deploys either the PureLogs or Meduza infostealer, said Unit 42 researchers. "In the ever-changing landscape of MaaS, BunnyLoader continues to evolve, demonstrating the need for threat actors to frequently retool to evade detection," noted researchers.

The findings follow a separate report from Unit 42 and Ukraine's State Cyber Protection Center detailing persistent SmokeLoader malware attacks by suspected Russian threat operation UAC-006. Researchers noted that SmokeLoader is widely available across Russian cybercrime forums.
