MintsLoader Malware Delivers GhostWeaver RAT in 2024

Researchers at Recorded Future have observed MintsLoader, a malware loader, in 2024. This loader delivers the GhostWeaver RAT through a multi-stage chain using obfuscated JavaScript and PowerShell scripts. MintsLoader evades detection through sandbox/VM checks and employs DGA and HTTP C2. Experts have shared C2 domains and other artifacts related to recent MintsLoader attacks.