Gazorp, a free malware-maker found on the dark web, lets cyber criminals make their own AZORult attacks. AZORult is a trojan that collects data from a system. It searches for stored passwords, files and login details of the computer itself.

The malware-maker was discovered by Check Point Research on 17 September, reports SecurityIntelligence. The program makes it easy to create your own samples of the AZORult infostealer, and the makers of Gazorp themselves say that creating malware with the tool is very easy. Users only need to enter their command-and-control (C&C) address, download the program, install it and deploy their creation.

Outdated version

Gazorp produces samples of AZORult version 3.0, which was released five months ago. Since then, two new versions have been released, namely 3.1 and 3.2. As a result, the effectiveness of the Gazorp version is limited. But even the outdated version has “multiple possibilities to steal data that can be abused by someone to collect and abuse information from victims”.

The creators of Gazorp have also added new features and upgrades to increase the impact of their AZORult version. There is a heat map showing country statistics, and it is possible to create a complex mutex based on various factors, such as admin, user, system and guest privileges.

In addition, the malware-maker contains a link to a Telegram channel, which describes the work of the creators of Gazorp. Users visiting the channel receive updates on new features, can make their own suggestions and donate bitcoin to enable future improvements.

Protection

To protect systems from AZORult, it is recommended to keep software constantly patched. It is also recommended to invest in Security-as-a-Service (SECaaS) solutions.

This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.