Threat actors use ScrubCrypt, an obfuscation tool, to help evade antivirus protection and launch attacks that would otherwise be blocked. A recent discovery by HUMAN’s Satori Threat Intelligence Team revealed that a new version of ScrubCrypt is being sold in underground communities and is being used to attack HUMAN clients. Researchers from Satori dissected the attack to see how the latest ScrubCrypt build functions.
RedLine Stealer, a well-known information stealer that can exfiltrate cryptocurrency wallets and credentials, was delivered via ScrubCrypt in an attack on a HUMAN client, with the goal of performing account takeover and account fraud attacks on the customer’s users.