BatCloak: This Obfuscation Tool Successfully Bypasses 80% of AV Engines

 

Trend Micro has issued a warning about the effectiveness of a tool called BatCloak, which is designed to conceal batch files and has enabled malicious BAT files to evade detection by antivirus engines with an impressive success rate of 80%. Researchers have discovered numerous heavily obfuscated batch files that are being used to deploy modified and completely undetectable malware. These files utilize BatCloak for obfuscation.
In a detailed analysis of hundreds of batch samples obtained from a public repository, it was found that 80% of the samples went undetected by security solutions. This highlights the effectiveness of BatCloak in bypassing traditional detection methods used by security tools. 
Out of a total of 784 samples examined, the average detection rate was less than one, indicating the challenges involved in identifying and mitigating threats associated with malware protected by BatCloak.
Since 2022, the majority of collected samples have consistently evaded antivirus detection, enabling threat actors to easily load different malware families and exploits using extensively obfuscated batch files.
ScrubCrypt is the latest version of the BatCloak engine, representing a significant advancement in batch obfuscation techniques. The developers have shifted from an open-source framework to a closed-source model, motivated by the success of

[…]

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
