BunnyLoader: the ever-evolving malware-as-a-service

Contribute to spreading the culture of prevention!
Support our cause with a small donation by helping us raise awareness among users and companies about cyber threats and defense solutions.

In a digital landscape where cyber threats are evolving at an alarming rate, security researchers have unveiled a new malware-as-a-service (MaaS) called “BunnyLoader.” This insidious malware is making waves in the dark web, attracting cybercriminals with its fileless uploading capabilities and a host of malicious features, including clipboard stealing.

An in-depth analysis of BunnyLoader

BunnyLoader, an ever-evolving threat, is rapidly gaining notoriety among malicious actors. Since it first appeared on September 4, this malicious software has undergone numerous updates, each introducing new features and fixing bugs. At the current time, BunnyLoader can perform a variety of malicious activities, from downloading and executing payloads to keylogging, stealing data (including sensitive information and cryptocurrencies), and executing remote commands.

The characteristics of the BunnyLoader malware

Researchers at cloud security firm Zscaler have been closely monitoring BunnyLoader's rise in the cyber underworld. They observed that this malware is becoming increasingly popular among cyber criminals due to its robust set of features, all available at a surprisingly low cost.

The dangers of BunnyLoader

BunnyLoader's command and control panel allows even the most novice cybercriminals to deploy second-layer payloads, perform keylogging, steal credentials, manipulate clipboards to steal cryptocurrency, and execute remote commands on compromised devices.