XLoader malware is spreading via Eclipse Jarsigner using DLL side-loading, evading detection with encrypted decoys and advanced obfuscation.