A fast-evolving information‑stealing malware dubbed “Torg Grabber” that has shifted from simple Telegram‑based exfiltration to a hardened, encrypted REST API command‑and‑control (C2) channel fronted by Cloudflare. The operation surfaced when a 747 KB 64‑bit sample initially tagged as Vidar was found to be fundamentally different from known Vidar builds, exposing an internal debug string “grabber […]

The post Torg Grabber Malware Shifts from Telegram Exfiltration to Encrypted REST API for C2 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Mayura Kathir

Source: gbHackers
Source Link: https://gbhackers.com/torg-grabber-malware/