The Gomorrah Stealer v5.1 is a sophisticated MaaS malware that targets sensitive data from browsers, cryptocurrency wallets, and more. It uses .NET-based IL code and JIT compilation to evade detection, exfiltrates data to a C2 server, and ensures persistence through Autorun registry entries. Distributed via Telegram, the malware continues to evolve, highlighting the need for enhanced cybersecurity measures.
What’s new on HivePro
Get through updates and upcoming events, and more directly in your inbox