Hackers ‘Shellter’ Infostealers in Red Team Tool

Threat actors are abusing a commercial AV/EDR evasion framework, Shellter, to distribute infostealer malware. The framework, typically used by red teamers, lets attackers evade detection through features such as self-modifying shellcode, polymorphic obfuscation, and API-hook bypassing. Elastic researchers expect the illicit copy of Shellter to keep circulating, potentially reaching nation-state actors, and are releasing a dynamic unpacker to help defenders analyse samples packed with it.
