Hijackloader

Malware Profile Updated 13 days ago
HijackLoader is a new form of malware that has quickly gained traction within the cybercrime community. This malicious software, designed to exploit and damage computer systems or devices, can infiltrate systems via suspicious downloads, emails, or websites, often unbeknownst to the user. Once it gains access, it is capable of stealing personal information, disrupting operations, and potentially holding data hostage for ransom. The malware, identified as UAC-0184, utilizes open-source programs such as HijackLoader and Ghostpulse to steal and upload data from messenger platforms. A particular target appears to be the Signal platform, reportedly widely used by Ukrainian military members. This indicates a possible focus on high-value targets and sensitive information, significantly increasing the potential impact and severity of the breaches. Business users are also being targeted by threat actors utilizing payloads like FakeBat, Nitrogen, or HijackLoader. The rapid growth in popularity of this malware among cybercriminals signifies an escalating threat landscape. Organizations are advised to bolster their cybersecurity measures, educate employees about the risks, and employ robust detection and response mechanisms to mitigate the risk associated with HijackLoader.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
ID | Votes | Profile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Malware
Loader
Cybercrime
Malware Loader
Associated Malware
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| Systembc | Unspecified | 2 | SystemBC is a type of malware, a harmful program designed to exploit and damage computer systems. It has been used in numerous attacks, often in conjunction with other malware types. In 2023, it was observed being used heavily with Quicksand and BlackBasta. SystemBC has also been associated with Pla |
| Redline Stealer | Unspecified | 2 | RedLine Stealer is a type of malware that infiltrates systems to exfiltrate sensitive data. This malicious software, often delivered through suspicious downloads, emails, or websites, can disrupt operations, steal personal information, or even hold data for ransom. A packet capture (pcap) analysis f |
Associated Threat Actors
ID | Type | Votes | Profile Description
No associations to display
Associated Vulnerabilities
ID | Type | Votes | Profile Description
No associations to display
Source Document References
Information about the Hijackloader Malware was read from the documents corpus below. This display is limited to 20 results.
| Source | Created At | Title |
|---|---|---|
| CrowdStrike | 3 months ago | HijackLoader Expands Techniques to Improve Defense Evasion |
| Securityaffairs | 8 months ago | New HijackLoader malware is rapidly growing in popularity |
| CERT-EU | 8 months ago | New HijackLoader Modular Malware Loader Making Waves in the Cybercrime World |
| Securityaffairs | 8 months ago | Security Affairs newsletter Round 437 by Pierluigi Paganini |
| CERT-EU | 8 months ago | New HijackLoader Modular Malware Loader Making Waves in the Cybercrime World – GIXtools |
| Securityaffairs | 7 months ago | Security Affairs newsletter Round 440 by Pierluigi Paganini |
| Securityaffairs | 6 months ago | Security Affairs newsletter Round 447 by Pierluigi Paganini |
| Securityaffairs | 5 months ago | Security Affairs newsletter Round 449 by Pierluigi Paganini |
| Securityaffairs | 12 days ago | Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION |
| Securityaffairs | 5 months ago | Security Affairs newsletter Round 447 by Pierluigi Paganini |
| Securityaffairs | a month ago | Security Affairs newsletter Round 466 by Pierluigi Paganini |
| Securityaffairs | 5 months ago | Security Affairs newsletter Round 452 by Pierluigi Paganini |
| Securityaffairs | 19 days ago | Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION |
| Securityaffairs | 2 months ago | Security Affairs newsletter Round 463 by Pierluigi Paganini |
| CERT-EU | 5 months ago | Security Affairs newsletter Round 452 by Pierluigi Paganini \| #ransomware \| #cybercrime \| National Cyber Security Consulting |
| Securityaffairs | a month ago | Security Affairs newsletter Round 467 by Pierluigi Paganini – INTERNATIONAL EDITION |
| Securityaffairs | 7 months ago | Security Affairs newsletter Round 443 by Pierluigi Paganini |
| Securityaffairs | 8 months ago | Security Affairs newsletter Round 439 by Pierluigi Paganini |
| Securityaffairs | 3 months ago | Security Affairs newsletter Round 460 by Pierluigi Paganini |
| Securityaffairs | 7 months ago | Security Affairs newsletter Round 442 by Pierluigi Paganini |