Cybersecurity researchers have identified a new, advanced version of the Matanbuchus malware loader, enhancing its stealth capabilities and targeting tactics. This malware-as-a-service is used for deploying payloads like ransomware and Cobalt Strike, often via social engineering and compromised enterprise collaboration tools. #Matanbuchus #CobaltStrike #Ransomware #CybercrimeForums
Keypoints
- Matanbuchus 3.0 is a sophisticated malware loader that supports in-memory operation and advanced obfuscation.
- It is primarily deployed through social engineering tactics, such as impersonating IT support via Microsoft Teams calls.
- The malware can execute various payloads, including DLLs, executables, and shellcode, with persistence achieved through scheduled tasks.
- It features enhanced communication protocols, remote command capabilities, and the ability to evade detection using stealth techniques.
- Experts link this malware to targeted attacks involving enterprise collaboration tools and malware syndicates like Black Basta.
Read More: https://thehackernews.com/2025/07/hackers-leverage-microsoft-teams-to.html