Security researchers have found that the IcedID Trojan has been redesigned to use new techniques in its attacks, including password-protected attachments, keyword obfuscation, and minimalist macro code. The updates were uncovered after a recently launched phishing campaign leveraged the malware.
Paul Kimayong recently released a report on the malware and phishing campaign, which was discovered in July. The campaign also uses a dynamic link library (DLL), a module containing code and data that can be used by more than one program at the same time. The IcedID malware was largely used during the COVID-19 pandemic; however, the new upgrades make detection hard and may mean that the malware is here to stay.