ESET Research publishes new malware findings

New information about a prevalent cryptor malware has recently been unveiled by ESET Research.

Researchers confirmed details about AceCryptor, which, according to the company, operates as a cryptor-as-a-service used by numerous malware families.

Though the threats posed by AceCryptor have been around since 2016, during 2021 and 2022, ESET telemetry detected over 240,000 detection hits – this figure amounts to over 10,000 hits every month.

Likely sold on the dark web or underground forums, ‘tens of different malware families have used the services of this malware’ and many rely on this cryptor as their main protection against static detections.

“For malware authors, protecting their creations against detection is challenging. Cryptors are the first layer of defence for malware that gets distributed,” commented Jakub Kaloč, Researcher, ESET, who analysed AceCryptor.

“Even though threat actors can create and maintain their own custom cryptors, for crimeware threat actors, it often may be time consuming or technically difficult to maintain their cryptor in a fully undetectable state.

“Demand for such protection has created multiple cryptor-as-a-service options that pack malware,”

To find out more about ESET’s findings and read more technical information about AceCryptor, visit the company’s website here.