CustomerLoader Disseminating Diverse Malware Payloads

Threat Level

Attack Report

For a detailed threat advisory, download the pdf file here

Summary

A covert .NET loader, known as CustomerLoader, was specifically designed to facilitate the retrieval, deciphering, and activation of subsequent payloads. Throughout the early days of June 2023, various malicious entities actively disseminated this novel loader.

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.