The XWorm backdoor, initially developed by XCoder and abandoned last year, has been revived in new campaigns distributed via phishing attacks targeting users. These latest versions have considerably expanded their functionalities by integrating a ransomware module, escalating the threat posed by the malware.
Besides ransomware capabilities, the malware now features over 35 plugins, which likely enable a broader range of malicious actions such as data theft, remote control, and system exploitation. The resurgence of XWorm underscores ongoing risks from abandoned malware projects being picked up and enhanced by threat actors.
Organizations and individuals face increased risk from these sophisticated campaigns, which combine phishing with multi-functional malware. Continuous vigilance and updated security measures are necessary to mitigate infections and data breaches caused by the evolving XWorm threat.
👉 Pročitaj original: BleepingComputer
