Information-stealing malware StealC and open-source network computing tool BOINC have been distributed in separate ongoing intrusions involving the MintsLoader malware loader, according to The Hacker News. Oil and gas, electricity, and legal services organizations in the U.S. and Europe have been targeted with spam emails containing links that download MintsLoader either through a JavaScript file or Windows Run prompt as part of a campaign underway since earlier this month, a report from eSentire showed. After retrieving PowerShell payloads to circumvent detection, MintsLoader proceeds with the delivery of the StealC malware-as-a-service payload. Another report from Palo Alto Networks Unit 42 noted a similar intrusion leveraging fraudulent verification pages to allow the deployment of BOINC. Both developments come after a new C++-based JinxLoader variant named Astolfo Loader, also known as Jinx V3, was reported by BlackBerry researchers to have been developed after the sale of its source code.
Malware, Threat Intelligence, Email security
Secondary payloads delivered via MintsLoader attacks
![cyber crime assessment , security awareness , malware detection](https://image-optimizer.cyberriskalliance.com/unsafe/1920x0/https://files.cyberriskalliance.com/wp-content/uploads/2024/09/091924_cybercrime.jpg)
(Adobe Stock)