Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version

08-May-24

The latest iteration of the Hijack Loader malware, also tracked as IDAT Loader, adds stealth features including the creation of Windows Defender Antivirus exclusions, a UAC bypass, and evasion of security-software detection methods such as inline API hooking. Notably, it adopts a novel approach of decrypting and parsing PNG images to deliver its subsequent payloads, as reported by Zscaler ThreatLabz. With additional modules that handle process creation and further evasion techniques, the malware poses an increasingly formidable threat; Amadey is the payload it distributes most frequently.