A new piece of malware named MosaicLoader is being delivered through pirated software. Its internal architecture is built to disrupt reverse engineering and confuse malware analysts.
About the MosaicLoader campaign
Bitdefender reported that MosaicLoader deployed a second-stage payload on the computers it infected. The attackers targeted users through pirated software that appears in search engine results. They imitated genuine software by placing the names and descriptions of businesses in the metadata of the files.
The malware evaded detection by breaking its code into small chunks that execute in a random order. The attackers do not focus on any specific target area; they target search engine users all around the world.
Some Additional Insights
Once deployed, MosaicLoader downloads other malware such as cryptocurrency miners and RATs. After infection, it collects information such as credentials using malware that is capable of stealing data. This information can also be used for illegal purposes, such as hacking into victims' online accounts and committing fraud.
These kinds of threats can cause a lot of damage. Along with performing malicious actions, they inject dangerous malware into the system. By stopping the use of pirated software, you can prevent the spread of this malware.