MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks – The Hacker News

by [email protected] (The Hacker News) · May 2, 2025

The malware loader known as MintsLoader has been used to deliver a PowerShell-based remote access trojan called GhostWeaver.
“MintsLoader operates through a multi-stage infection chain involving obfuscated JavaScript and PowerShell scripts,” Recorded Future’s Insikt Group said in a report shared with The Hacker News.
“The malware employs sandbox and virtual machine evasion techniques, a domain –

MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks – The Hacker News

Leave a Reply Cancel reply

Recent Posts