{"id":2606,"date":"2021-05-04T21:31:58","date_gmt":"2021-05-05T02:31:58","guid":{"rendered":"https:\/\/truxgoservers.com\/blog\/?p=2606"},"modified":"2021-05-04T21:31:58","modified_gmt":"2021-05-05T02:31:58","slug":"buer-malware-charger-emerges-on-the-web","status":"publish","type":"post","link":"https:\/\/truxgoservers.com\/blog\/buer-malware-charger-emerges-on-the-web\/","title":{"rendered":"Buer Malware Charger Emerges on the Web"},"content":{"rendered":"\n<p>Proofpoint researchers identified a new variant of the Buer malware loader distributed through emails disguised as shipping notices in early April. Buer is a downloader sold in underground markets that is used as a foothold in compromised networks to distribute other malware, including ransomware.<\/p>\n\n\n\n<p>Using the increasingly popular, efficient and user-friendly Rust programming language will help malware bypass detection, Proofpoint researchers said in a post Monday morning. Manipulated emails come in two versions. One is written in the more typical C programming language. The other is written in Rust &#8211; a tactical change that will help you tiptoe past detection to get more clicks.<\/p>\n\n\n\n<p>In the associated campaigns, the emails are supposed to come from DHL Support. They contained a link to the download of a malicious Microsoft Word or Excel document that used macros to remove the new malware variant. Proofpoint is calling this new variant RustyBuer. Emails affected more than 200 organizations in more than 50 verticals.<\/p>\n\n\n\n<p>The first stage downloader has a nasty second stage delivery: In some cases, Proofpoint has seen phishing campaigns drop a Cobalt Strike beacon. Cobalt Strike is a legitimate penetration testing tool that has become a favorite among threat actors.<\/p>\n\n\n\n<p>Security experts say the completely rewritten new variant of Rust is an unusual departure from the much more common preference of malware developers for the C programming language. It is unclear why threat actors took the time and effort to translate the code, but there are a few likely possibilities: First, Rust is more efficient, has more features, and is increasingly popular.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"alignright size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/truxgoservers.com\/blog\/wp-content\/uploads\/2021\/05\/Buer-1024x591.png\" alt=\"\" class=\"wp-image-2607\" width=\"365\" height=\"210\" srcset=\"https:\/\/truxgoservers.com\/blog\/wp-content\/uploads\/2021\/05\/Buer-1024x591.png 1024w, https:\/\/truxgoservers.com\/blog\/wp-content\/uploads\/2021\/05\/Buer-300x173.png 300w, https:\/\/truxgoservers.com\/blog\/wp-content\/uploads\/2021\/05\/Buer-768x443.png 768w, https:\/\/truxgoservers.com\/blog\/wp-content\/uploads\/2021\/05\/Buer.png 1098w\" sizes=\"auto, (max-width: 365px) 100vw, 365px\" \/><\/figure><\/div>\n\n\n\n<p>To reinforce the legitimacy of phishing emails containing this threat, malware authors have sprinkled them with logos of globally known official companies as in the following image that we will see which recipients must click on the macro of the document to start an infection.<\/p>\n\n\n\n<p>Related topics:<br><a href=\"https:\/\/truxgoservers.com\/blog\/threats-you-face-every-day-within-e-mail\/\">Threats you face every day within E-mail<\/a><br><a href=\"https:\/\/truxgoservers.com\/blog\/macro-malware-a-threat-designed-to-fool-the-victims\/\">Macro Malware threats designed to fool the victims<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Proofpoint researchers identified a new variant of the Buer malware loader distributed through emails disguised as shipping notices in early April. Buer is a downloader sold in underground markets that is used as a foothold in compromised networks to distribute other malware, including ransomware. Using the increasingly popular, efficient and user-friendly Rust programming language will [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":2608,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10],"tags":[36],"class_list":["post-2606","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Buer Malware Charger Emerges on the Web - Truxgo Server Blog<\/title>\n<meta name=\"description\" content=\"A new threat that emerges in the Digital world known as Buer loader, which can be very dangerous for those who get target by this threat.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/truxgoservers.com\/blog\/buer-malware-charger-emerges-on-the-web\/\" \/>\n<meta property=\"og:locale\" content=\"es_MX\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Buer Malware Charger Emerges on the Web - Truxgo Server Blog\" \/>\n<meta property=\"og:description\" content=\"A new threat that emerges in the Digital world known as Buer loader, which can be very dangerous for those who get target by this threat.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/truxgoservers.com\/blog\/buer-malware-charger-emerges-on-the-web\/\" \/>\n<meta property=\"og:site_name\" content=\"Truxgo Server Blog\" \/>\n<meta property=\"article:published_time\" content=\"2021-05-05T02:31:58+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/truxgoservers.com\/blog\/wp-content\/uploads\/2021\/05\/Buerr.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"575\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Truxgo\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"Truxgo\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tiempo de lectura\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/buer-malware-charger-emerges-on-the-web\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/buer-malware-charger-emerges-on-the-web\\\/\"},\"author\":{\"name\":\"Truxgo\",\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/#\\\/schema\\\/person\\\/8b409c26449db6aa09724b45331e333e\"},\"headline\":\"Buer Malware Charger Emerges on the Web\",\"datePublished\":\"2021-05-05T02:31:58+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/buer-malware-charger-emerges-on-the-web\\\/\"},\"wordCount\":327,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/buer-malware-charger-emerges-on-the-web\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/05\\\/Buerr.jpg\",\"keywords\":[\"Cybersecurity\"],\"articleSection\":[\"Cybersecurity\"],\"inLanguage\":\"es\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/buer-malware-charger-emerges-on-the-web\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/buer-malware-charger-emerges-on-the-web\\\/\",\"url\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/buer-malware-charger-emerges-on-the-web\\\/\",\"name\":\"Buer Malware Charger Emerges on the Web - Truxgo Server Blog\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/buer-malware-charger-emerges-on-the-web\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/buer-malware-charger-emerges-on-the-web\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/05\\\/Buerr.jpg\",\"datePublished\":\"2021-05-05T02:31:58+00:00\",\"description\":\"A new threat that emerges in the Digital world known as Buer loader, which can be very dangerous for those who get target by this threat.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/buer-malware-charger-emerges-on-the-web\\\/#breadcrumb\"},\"inLanguage\":\"es\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/buer-malware-charger-emerges-on-the-web\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/buer-malware-charger-emerges-on-the-web\\\/#primaryimage\",\"url\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/05\\\/Buerr.jpg\",\"contentUrl\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/05\\\/Buerr.jpg\",\"width\":1024,\"height\":575},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/buer-malware-charger-emerges-on-the-web\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Buer Malware Charger Emerges on the Web\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/\",\"name\":\"Truxgo Server Blog\",\"description\":\"Cloud Server and Hosting Tutorials.\",\"publisher\":{\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"es\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/#organization\",\"name\":\"Truxgo Server Blog\",\"url\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/cropped-truxgo-logo-blanco.png\",\"contentUrl\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/cropped-truxgo-logo-blanco.png\",\"width\":1250,\"height\":278,\"caption\":\"Truxgo Server Blog\"},\"image\":{\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/#\\\/schema\\\/person\\\/8b409c26449db6aa09724b45331e333e\",\"name\":\"Truxgo\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/52691a61c58e68677ed4860007c1bb03b14eabe7350747ab3fad3e17825b4b96?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/52691a61c58e68677ed4860007c1bb03b14eabe7350747ab3fad3e17825b4b96?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/52691a61c58e68677ed4860007c1bb03b14eabe7350747ab3fad3e17825b4b96?s=96&d=mm&r=g\",\"caption\":\"Truxgo\"},\"sameAs\":[\"https:\\\/\\\/truxgoservers.com\\\/blog\"],\"url\":\"https:\\\/\\\/truxgoservers.com\\\/blog\\\/author\\\/truxgo\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Buer Malware Charger Emerges on the Web - Truxgo Server Blog","description":"A new threat that emerges in the Digital world known as Buer loader, which can be very dangerous for those who get target by this threat.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/truxgoservers.com\/blog\/buer-malware-charger-emerges-on-the-web\/","og_locale":"es_MX","og_type":"article","og_title":"Buer Malware Charger Emerges on the Web - Truxgo Server Blog","og_description":"A new threat that emerges in the Digital world known as Buer loader, which can be very dangerous for those who get target by this threat.","og_url":"https:\/\/truxgoservers.com\/blog\/buer-malware-charger-emerges-on-the-web\/","og_site_name":"Truxgo Server Blog","article_published_time":"2021-05-05T02:31:58+00:00","og_image":[{"width":1024,"height":575,"url":"https:\/\/truxgoservers.com\/blog\/wp-content\/uploads\/2021\/05\/Buerr.jpg","type":"image\/jpeg"}],"author":"Truxgo","twitter_card":"summary_large_image","twitter_misc":{"Escrito por":"Truxgo","Tiempo de lectura":"2 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/truxgoservers.com\/blog\/buer-malware-charger-emerges-on-the-web\/#article","isPartOf":{"@id":"https:\/\/truxgoservers.com\/blog\/buer-malware-charger-emerges-on-the-web\/"},"author":{"name":"Truxgo","@id":"https:\/\/truxgoservers.com\/blog\/#\/schema\/person\/8b409c26449db6aa09724b45331e333e"},"headline":"Buer Malware Charger Emerges on the Web","datePublished":"2021-05-05T02:31:58+00:00","mainEntityOfPage":{"@id":"https:\/\/truxgoservers.com\/blog\/buer-malware-charger-emerges-on-the-web\/"},"wordCount":327,"commentCount":0,"publisher":{"@id":"https:\/\/truxgoservers.com\/blog\/#organization"},"image":{"@id":"https:\/\/truxgoservers.com\/blog\/buer-malware-charger-emerges-on-the-web\/#primaryimage"},"thumbnailUrl":"https:\/\/truxgoservers.com\/blog\/wp-content\/uploads\/2021\/05\/Buerr.jpg","keywords":["Cybersecurity"],"articleSection":["Cybersecurity"],"inLanguage":"es","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/truxgoservers.com\/blog\/buer-malware-charger-emerges-on-the-web\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/truxgoservers.com\/blog\/buer-malware-charger-emerges-on-the-web\/","url":"https:\/\/truxgoservers.com\/blog\/buer-malware-charger-emerges-on-the-web\/","name":"Buer Malware Charger Emerges on the Web - Truxgo Server Blog","isPartOf":{"@id":"https:\/\/truxgoservers.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/truxgoservers.com\/blog\/buer-malware-charger-emerges-on-the-web\/#primaryimage"},"image":{"@id":"https:\/\/truxgoservers.com\/blog\/buer-malware-charger-emerges-on-the-web\/#primaryimage"},"thumbnailUrl":"https:\/\/truxgoservers.com\/blog\/wp-content\/uploads\/2021\/05\/Buerr.jpg","datePublished":"2021-05-05T02:31:58+00:00","description":"A new threat that emerges in the Digital world known as Buer loader, which can be very dangerous for those who get target by this threat.","breadcrumb":{"@id":"https:\/\/truxgoservers.com\/blog\/buer-malware-charger-emerges-on-the-web\/#breadcrumb"},"inLanguage":"es","potentialAction":[{"@type":"ReadAction","target":["https:\/\/truxgoservers.com\/blog\/buer-malware-charger-emerges-on-the-web\/"]}]},{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/truxgoservers.com\/blog\/buer-malware-charger-emerges-on-the-web\/#primaryimage","url":"https:\/\/truxgoservers.com\/blog\/wp-content\/uploads\/2021\/05\/Buerr.jpg","contentUrl":"https:\/\/truxgoservers.com\/blog\/wp-content\/uploads\/2021\/05\/Buerr.jpg","width":1024,"height":575},{"@type":"BreadcrumbList","@id":"https:\/\/truxgoservers.com\/blog\/buer-malware-charger-emerges-on-the-web\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/truxgoservers.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Buer Malware Charger Emerges on the Web"}]},{"@type":"WebSite","@id":"https:\/\/truxgoservers.com\/blog\/#website","url":"https:\/\/truxgoservers.com\/blog\/","name":"Truxgo Server Blog","description":"Cloud Server and Hosting Tutorials.","publisher":{"@id":"https:\/\/truxgoservers.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/truxgoservers.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"es"},{"@type":"Organization","@id":"https:\/\/truxgoservers.com\/blog\/#organization","name":"Truxgo Server Blog","url":"https:\/\/truxgoservers.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/truxgoservers.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/truxgoservers.com\/blog\/wp-content\/uploads\/2020\/08\/cropped-truxgo-logo-blanco.png","contentUrl":"https:\/\/truxgoservers.com\/blog\/wp-content\/uploads\/2020\/08\/cropped-truxgo-logo-blanco.png","width":1250,"height":278,"caption":"Truxgo Server Blog"},"image":{"@id":"https:\/\/truxgoservers.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/truxgoservers.com\/blog\/#\/schema\/person\/8b409c26449db6aa09724b45331e333e","name":"Truxgo","image":{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/secure.gravatar.com\/avatar\/52691a61c58e68677ed4860007c1bb03b14eabe7350747ab3fad3e17825b4b96?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/52691a61c58e68677ed4860007c1bb03b14eabe7350747ab3fad3e17825b4b96?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/52691a61c58e68677ed4860007c1bb03b14eabe7350747ab3fad3e17825b4b96?s=96&d=mm&r=g","caption":"Truxgo"},"sameAs":["https:\/\/truxgoservers.com\/blog"],"url":"https:\/\/truxgoservers.com\/blog\/author\/truxgo\/"}]}},"_links":{"self":[{"href":"https:\/\/truxgoservers.com\/blog\/wp-json\/wp\/v2\/posts\/2606","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/truxgoservers.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/truxgoservers.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/truxgoservers.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/truxgoservers.com\/blog\/wp-json\/wp\/v2\/comments?post=2606"}],"version-history":[{"count":2,"href":"https:\/\/truxgoservers.com\/blog\/wp-json\/wp\/v2\/posts\/2606\/revisions"}],"predecessor-version":[{"id":2616,"href":"https:\/\/truxgoservers.com\/blog\/wp-json\/wp\/v2\/posts\/2606\/revisions\/2616"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/truxgoservers.com\/blog\/wp-json\/wp\/v2\/media\/2608"}],"wp:attachment":[{"href":"https:\/\/truxgoservers.com\/blog\/wp-json\/wp\/v2\/media?parent=2606"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/truxgoservers.com\/blog\/wp-json\/wp\/v2\/categories?post=2606"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/truxgoservers.com\/blog\/wp-json\/wp\/v2\/tags?post=2606"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}