New Nim-based malware, Editbot Stealer emerge

Malicious Microsoft Word documents to facilitate the distribution of Nim-based malware, which has only recently gained traction with the emergence of the Nimbda and NimzaLoader malware loaders, according to The Hacker News. Threat actors impersonate a Nepali government official in phishing emails that include the decoy Word document, which when executed triggers analysis tool scanning before proceeding to either self-termination or connection with a remote server masquerading a Nepal government domain, a Netskope report revealed. "Malware written in uncommon programming languages puts the security community at a disadvantage as researchers and reverse engineers' unfamiliarity can hamper their investigation," said researchers. On the other hand, social media messages have been exploited by a novel social engineering campaign to deploy the new Python-based Editbot Stealer malware, noted a report from Cyble. Both developments come amid the continued proliferation of NetSupport RAT, DarkGate, and other known malware in phishing attacks.