MintsLoader Campaign Targets Critical Sectors with Malware
An ongoing MintsLoader campaign targets critical sectors with sophisticated malware. Cybersecurity firm eSentire has reported a campaign that uses MintsLoader, a PowerShell-based malware loader, to distribute secondary payloads such as the StealC information stealer and the BOINC platform. The campaign, detected in January 2025, primarily targets the electricity, oil and gas, and legal services sectors in the U.S. and Europe, and employs tactics such as fake CAPTCHA prompts to trick users into executing malicious scripts. The attack begins with spam emails that lead to the download of obfuscated JavaScript, which then executes PowerShell commands to install MintsLoader. Notably, StealC avoids infecting machines in certain former Soviet states. The campaign highlights the evolving landscape of malware distribution and the proliferation of tools like JinxLoader and GootLoader.
