ACRStealer Variant Deploys Syscall Evasion, TLS C2, Secondary Payloads

New research reveals that a new ACRStealer variant is now being actively deployed as a final payload by HijackLoader, using low‑level syscalls, AFD-based networking,…