The malware family BazarLoader has new tricks up its sleeve. The data-theft-motivated threat actors have updated the delivery methods BazarLoader uses to gain access to a victim’s network or device. BazarLoader’s new tactics include convincing victims to download compromised software installers such as TeamViewer, and delivering malware by exploiting ISO files. Experts believe these new delivery methods are likely an attempt to evade detection. Additionally, BazarLoader is known to be used for initial access by prominent ransomware families such as Conti. This campaign is reportedly targeting victims in the U.S. To reduce the risk posed by BazarLoader’s new delivery mechanisms, members are encouraged to restrict user rights for installing software. Read more at Cyware.