Ten years later, malware authors are still abusing ‘Heaven’s Gate’ technique
A new report by Cisco Talos sheds light on three new malware campaigns that take advantage of “Heaven’s Gate,” a technique for avoiding detection by anti-malware suites that was discovered over a decade ago.
The campaigns all involve a malware loader that can deliver various types of malware, including the HawkEye Reborn keylogger, the Remcos remote access trojan (RAT), and a number of cryptominers, i.e. malware that uses the processing power of infected systems to mine cryptocurrency. The malware loader uses Heaven’s Gate to avoid antivirus detection.