SYMBOLCOMMON_NAMEaka. SYNONYMS
elf.krustyloader (Back to overview)

KrustyLoader


ELF x64 Rust downloader first discovered on Ivanti Connect Secure VPN after the exploitation of CVE-2024-21887 and CVE-2023-46805. Downloads Sliver backdoor and deletes itself.

References
2024-01-29SynacktivTheo Letailleur
KrustyLoader - Rust malware linked to Ivanti ConnectSecure compromises
KrustyLoader

There is no Yara-Signature yet.