Malware
WEEVILPROXY
aka JSCEAL
WEEVILPROXY is a sophisticated, feature-rich stealer whose payload is written primarily in Node.js. The developer has made a concerted effort to broaden the malware's capabilities, including novel techniques that, to our knowledge, have not been observed in any prior malware campaign. These new TTPs include methods to modify Windows Setup and Windows Recovery to enable long-term persistence, as well as methods to patch browser extensions 'on the fly'.
Family metadata imported from Malpedia (Fraunhofer FKIE).