The malware dropper TicTacToe is targeting Windows users
Learn all about this dropper malware and protect your PC
2 min. read
Published on
Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more
TicTacToe is a new malware dropper that targets Windows users. Moreover, it delivers final-payloads in malicious attachments like mails. Unfortunately, TicTacToe comes with different malware to steal your data. In addition, this malware is difficult to detect because it changes the final-payloads.
What does a dropper malware do?
A dropper malware installs malicious files into your computer. Furthermore, they could be used to steal your information and to damage your system. In addition, this type of malware can hide itself from antivirus programs. Moreover, you might find the TicTacToe malware dropper in phishing emails as an .iso file. Once executed, it will start adding DLL files into your memory.
Unfortunately, the malware seems to be in development because it has multiple strings. Also, researchers think that groups of threat actors use the malware. So, they alter it according to their needs. On top of that, they believe that cybercriminals trade the tool actively as a service. In addition, cybercriminals are using the TicTacToe malware dropper to deliver the following final-payloads Leonem, AgentTesla, SnakeLogger, RemLoader, Sabsik, LokiBot, Taskun, Androm, Upatre and Remcos.
The name TicTacToe comes from Kolko_i_krzyzyk, a common Polish language string encountered by researchers during earlier stages.
To protect yourself and your organization from the TicTacToe malware dropper, you will need to run hash based detections. Thus, you will need a behavior-based endpoint security application, especially since the malware keeps changing. In addition, you could consider getting the FortiEDR. After all, the tool comes from the researchers who managed to identify earlier versions of the TicTacToe dropper.
Ultimately, we recommend you don’t download any suspicious files from unknown users. In addition, keep in mind that the TicTacToe malware dropper is commonly hiding in emails. So, make sure to check the source or to verify on the internet if the file could possibly have malware.
What are your thoughts? Are you ready to deal with malware attacks? Let us know in the comments.
User forum
0 messages