
Sibot Malware

Posted: March 5, 2021

The Sibot Malware is a threatening implant believed to be used as a first-stage payload by the criminals associated with the supply-chain attack against SolarWinds. The attack was discovered in December 2020, but further research showed that the criminals might have been able to penetrate SolarWinds' security earlier. The Sibot Malware, however, was not used in this campaign. Instead, the Nobelium APT hackers had employed it in previous attack campaigns, primarily against US-based entities active in the government and technology sectors.

The Sibot Malware is a relatively simple VBScript that tries to hide its presence and intentions by mimicking the names of legitimate Windows services and features. Of course, this only makes it more difficult for end users to detect; automated malware removal tools will sniff out Sibot Malware's threatening behavior easily and terminate it before it causes any trouble.

If the Sibot Malware is deployed successfully, it will connect to a remote control server and try to fetch additional payloads to install and run. It is believed that the Nobelium APT hackers relied on the Sibot Malware to deliver secondary payloads like the GoldMax Malware or the GoldFinder Malware.

Multi-stage attacks are not unusual for Advanced Persistent Threat (APT) groups like Nobelium. Companies can protect their networks by strengthening security protocols, as well as relying on reputable firewall and anti-virus services.
