ScrubCrypt

FortiGuard Labs recently discovered a new crypter variant called “ScrubCrypt” that targets vulnerable Oracle WebLogic servers. It is used by the mining group known as 8220 Gang. ScrubCrypt obfuscates and encrypts applications to evade detection. Its features include anti-debugging, reflective injection, and registry manipulation.
ScrubCrypt’s payloads are linked to crypto mining activities. Organizations should be aware of ScrubCrypt and take steps to enhance the security of their systems.

For more detailed information, you can refer to the original Fortinet blog post. [1]



Sources:

  1. Fortinet blog post
