The operators of the Astaroth infostealer have implemented several new tactics aimed at evading detection, which researchers say have made the malware “painful to analyze.” Astaroth first emerged in 2017, but has steadily been used over the years in increasingly sophisticated campaigns aimed at exfiltrating sensitive data. In September, for instance, researchers with Cofense warned that the trojan was being spread via phishing emails, and was using normally trusted sources as a cover for malicious activities to evading usually effective network security layers.
Read full article on Threat Post