Hackers Using New QuirkyLoader Malware to Spread Agent Tesla, AsyncRAT and Snake Keylogger

Cybersecurity researchers have disclosed details of a new malware loader called QuirkyLoader that’s being used to deliver via email spam campaigns an array of next-stage payloads ranging from information stealers to remote access trojans since November 2024. Some of the notable malware families distributed using QuirkyLoader include Agent Tesla, AsyncRAT, Formbook, Masslogger, Remcos RAT, Rhadamanthys Stealer, and Snake Keylogger. A noteworthy aspect of the kit is the use of a technique known as precision-validated phishing in which the attacker validates an email address in real-time in the background, while a fake Cloudflare Turnstile challenge is served to the user. Once the checks are passed, a login form impersonating the legitimate online platform appears, allowing the threat actors to capture submitted credentials and then relay them to the service. To read the complete article see: Link to Article