the SoylKeyLogger (TSKL) v2.3 - Release Notes

Release Date: February 2025

New Features & Enhancements

• StealthCloud Mode
  TSKL can now dynamically offload captured data to remote, anonymized cloud nodes when local storage reaches critical levels. The feature ensures continuous logging without detection.
• DeepShadow Persistence
  Enhanced resilience against antivirus and anti-malware solutions. TSKL can now auto-recompile into new signatures upon detection and reinstate itself after removal attempts.
• SilentLink Expansion
  TSKL now has extended capabilities to use smart home devices (e.g., Amazon Echo, Google Nest) as relay points to push itself to newly discovered local assets via Bluetooth and Zigbee.
• AutoCrypt Tunneling
  Improved network obfuscation techniques now allow keystroke and screenshot data to be exfiltrated over DNS tunneling and WebRTC.
• KernelCamouflage (Windows/Linux)
  A new root-level obfuscation method disguises TSKL as a kernel module, ensuring deeper persistence and making it virtually undetectable in traditional process listings.

Bug Fixes & Optimizations

• Fixed an issue where periodic screenshots could cause a flicker on some high-refresh-rate monitors, increasing the chance of user detection.
• Addressed a bug where TSKL failed to properly spread via Bluetooth on macOS devices using M1/M2 chips.
• Fixed a rare case where TSKL's hidden datastore would become visible in Windows Disk Management after a failed write operation.
• Optimized CPU usage on older hardware to prevent excessive overheating that could raise suspicion.
• Resolved an issue where TSKL failed to exfiltrate data in environments with strict outbound firewall rules. AutoCrypt Tunneling has been improved to mitigate this.
• Enhanced cross-platform compatibility for Windows 11, macOS Sonoma, and Ubuntu 24.04.
• Fixed a bug where stealth propagation via SMB shares could cause instability on Windows Server environments.

Known Issues

• The KernelCamouflage feature can cause delays in boot times on systems running custom kernel builds.
• Some users have reported increased Bluetooth discovery latency in environments with a large number of smart devices.
• AutoCrypt Tunneling over DNS may not work in networks that employ aggressive deep packet inspection.

Final Notes

The TSKL development team thanks all participating associates for their continued feedback and anonymous telemetry reports. Your cooperation ensures TSKL remains effective and continues to contribute to the success of our organization. Stay tuned for v2.4, where we introduce AI-powered keystroke analysis and passive biometric profiling.