Cybersecurity researchers have detailed a sophisticated social engineering campaign, dubbed ZipLine, that targets supply-chain-critical manufacturing firms with an in-memory malware called MixShell. The attackers initiate contact through a company's own legitimate website contact form and use AI-themed lures to sustain credible, multi-week conversations before delivering weaponized ZIP files. #ZipLine #MixShell
Key points:
- The ZipLine campaign targets industrial manufacturing, semiconductor, biotech, and pharmaceutical companies globally.
- Attackers use legitimate contact forms and AI-based lures to build trust before delivering malware.
- MixShell malware features in-memory execution, DNS tunneling, and advanced anti-detection techniques.
- The malicious ZIP files are hosted on legitimate platforms such as Heroku, abusing trusted services to evade detection.
- The campaign poses risks such as intellectual property theft, ransomware, and supply chain disruption.
Read More: https://thehackernews.com/2025/08/mixshell-malware-delivered-via-contact.html