The v31 update of Xworm introduces several key features and improvements:
Includes real-time screen recording, webcam access, audio monitoring, and keylogging. xworm v31 updated
XWorm does not discriminate in its targeting. It has been observed in campaigns affecting healthcare, finance, manufacturing, government, education, and the hospitality sector across multiple countries.The malware has been used to target Ukrainian organizations, industry sectors in the United Kingdom, and has been deployed in ransomware attacks involving LockBit Black builders. The v31 update of Xworm introduces several key
XWorm V3.1 features upgraded obfuscation and environment-checking routines. Upon execution, the malware scans the system for debugging tools, sandboxes, and virtual machine (VM) environments (such as VMware, VirtualBox, and Any.Run). If it detects a analysis environment, it terminates itself immediately to prevent security researchers from capturing its behavior. 2. Enhanced Information Stealing XWorm V3
Implement short-lived session cookies and enforce strict, phishing-resistant MFA (such as hardware keys) to minimize the impact of stolen session tokens.
It specifically targets sensitive information, including browser credentials, session cookies, and cryptocurrency wallet information.