BlankGrabber hides behind a fake certificate trick to deliver stealer malware

BlankGrabber, a Python-based stealer, now uses a fake certificate-decoding chain to hide its delivery process on Windows systems. Splunk’s Threat Research Team says the loader abuses certutil.exe, a legitimate Windows tool, to decode data that looks harmless but actually launches the next malware stage. That matters because the infection chain does more than steal browser […] The post BlankGrabber hides behind a fake certificate trick to deliver stealer malware appeared first on VPN Central.