A fast-evolving information”‘stealing malware dubbed “Torg Grabber” that has shifted from simple Telegram”‘based exfiltration to a hardened, encrypted REST API command”‘and”‘control (C2) channel fronted by Cloudflare. The operation surfaced when a 747 KB 64″‘bit sample initially tagged as Vidar was found to be fundamentally different from known Vidar builds, exposing an internal debug string “grabber […] The post Torg Grabber Malware Shifts from Telegram Exfiltration to Encrypted REST API for C2 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/torg-grabber-malware/
