Hackers have exploited a licensed evasion framework, Shellter, to package information stealer payloads since April 2025, despite safeguards. The misuse involved stolen licenses and a leaked customer copy, raising concerns about security and vendor response. #Shellter #Lumma #SectopRAT #Rhadamanthys #EvasionFramework
Key points
- Hackers have been abusing Shellter Elite to hide malicious payloads in campaigns since April 2025.
- The evasion tool was stolen from a customer, which led to the spread of its malicious use.
- Elastic Security Labs detected the misuse after adding detection capabilities for Shellter Elite-derived samples.
- The Shellter project blamed Elastic for delayed notification and attempted to address the breach after public disclosure.
- Threat actors acquired a single license and exploited it without authorization, highlighting security vulnerabilities in license management.
Read More: https://www.securityweek.com/legit-shellter-pen-testing-tool-used-in-malware-attacks/