8220 Gang Uses New ScrubCrypt Crypter to Evade Detection

Chinese 8220 Gang deployed the new ScrubCrypt payload exploiting an Oracle Weblogic Server in a specific URI between January and February 2023, revealed security experts at Fortinet. The ScrubCrypt crypter allows a hacker to secure applications with a unique BAT packing technique. It was found to be available for sale on dark web forums.