
Researchers Discover Updated Malware Loader with Enhanced Evasion Techniques
Cybersecurity researchers have discovered an updated version of a malware loader called Hijack Loader, which incorporates new features to evade detection and establish persistence on compromised systems. According to Muhammed Irfan V A, a researcher at Zscaler ThreatLabz, this new version uses call stack spoofing to hide the origin of function calls, such as API and system calls. The malware also utilizes GitHub as a command and control (C2) center and .NET Reactor to enhance its stealth capabilities.