A New BluStealer Loader Uses Direct Syscalls to Evade EDRs
released on 2022-05-04 @ 03:27:17 PM
BluStealer malware was first detected in May 2021 by James_inthe_box. Back then, it was delivered through phishing email, either as an attachment or as a Discord link leading to the malware download URL. The BluStealer authors have kept pace with the field: their latest version implements one of 2021’s biggest trends, the use of direct syscalls to bypass EDRs.