Crypters
Crypters are software programs capable of encrypting, obfuscating, and manipulating malware to bypass detection mechanisms while keeping the malware's functionalities intact.
Crypters (“криптер” in Russian)are software programs capable of encrypting, obfuscating, and manipulating malware to bypass detection mechanisms, while keeping the malware’s functionalities intact. This is made by leveraging different obfuscation techniques, notably code transformations.
Of note, some sources use the terms “packer”, “cryptor” and “loader” interchangeably when referring to crypters.
While a crypter software is not malicious per se, it is intended to hide known malicious code such as ransomware, infostealers or RATs and to facilitate malware delivery. They use it to build malware capable of avoiding cybersecurity solutions. In their campaigns, malicious actors can rely on an open-source, a commercially available or a custom crypter.
In a new report published on our blog, Sekoia Threat Detection & Research (TDR) team introduces key concepts and analyzes the different crypter-related activities and the lucrative ecosystem of threat groups leveraging them in malicious campaigns. Understanding the functioning of the crypters ecosystem is essential to having a more accurate view of the broader cybercrime landscape.
