"Latrodectus Malware: Evading Sandboxes and Replacing IcedID"
Originally Published 1 year ago — by The Hacker News
A new malware called Latrodectus has been discovered, distributed through email phishing campaigns and designed to retrieve payloads and execute arbitrary commands. It is linked to threat actors behind the IcedID malware and primarily used by initial access brokers to deploy other malware. Latrodectus has been employed in email threat campaigns by TA578 and comes with sandbox evasion functionality, capabilities to detect sandboxed environments, and connections to IcedID infrastructure.