Analysis of a new technique to inject websites with SocGholish malware found using zip compression, obfuscation, strrev functions, and other evasive techniques to avoid detection.
Once installed, fake browser updates infect the victim’s computer with various types of malware including remote access trojans (RATs). SocGholish malware is often the first step in severe targeted ransomware attacks against corporations and other organizations.
Evasive Techniques used by injected Websites