Who IsErIk: A Resurface of an Advanced Persistent Adware?

As the malware industry expands, new tricks are added to the cyber-criminal arsenal on a daily basis. Our Advanced Threat Control team has identified a massive expansion of the malicious repertoire, meant to resurface old but not forgotten threats.
The main focus of this analysis is an adware loader, first discovered in 2016, which has kept such a low profile that researchers still haven't agreed on a common name, generically identifying it as APA (Advanced Persistent Adware).
Bitdefender researchers have discovered a new large-scale malware campaign dubbed IsErIk, a family of Advanced Persistent Adware that features advanced evasion mechanisms, as well as the ability to execute remote code received from the command and control server.
Bitdefender has compiled an extended IoC list and made it available for download.