If you take a closer look, malware is like a lot of other software on the market: It can get old and stop working as intended, it profits from updates, and it can be stolen and leaked. The latter apparently happened to Azorult, a credit card stealing software.
Azorult has been around for some time already – namely since 2016. It’s mostly known for being an information stealer and malware downloader. Recently CheckPoint found a new version of the malicious software on an underground forum.
Now if you’re wondering why a malware might need updates and constant maintenance, the answer is rather self-explanatory:
- As security vulnerabilities are being patched, malware needs to be adapted to get on the devices via other ways.
- To stay interesting to their criminal user base, malware developers need to find new ways to make money with their software.
- Malware can be leaked, just like any other software
The latter apparently is what drove Azorult to release version 3.3 of their malware. According to CheckPoint it includes a new encryption method of the embedded C&C domain string, a new connection method to the C&C and improvement of the Crypto currency wallets stealer and loader. The trove of new features should definitely make it more interesting to aspiring cyber criminals – at least way more interesting than version 3.1 and 3.2.
Azorult is being distributed via the RIG exploit kit. It uses security leaks in the Internet Explorer, Flash, JavaScript, and more. If you want to stay secure and make sure to update your software regularly and have a good antivirus installed.