‘Invalid Printer’ Loader Spreads Aurora Stealer

24 April 2023
Morphisec found a campaign using a highly evasive loader, named in2al5d p3in4er, disseminating the Aurora info-stealer via links in YouTube video descriptions. It is compiled using Embarcadero RAD Studio which allows attackers to create executables for multiple platforms, with multiple configuration options.