Summary: The article discusses the emergence of two new malware families, RevC2 and Venom Loader, associated with the threat actor Venom Spider, known for its Malware-as-a-Service (MaaS) offerings. These malware families were identified during campaigns from August to October 2024, utilizing various techniques for data exfiltration and remote code execution.…
Summary: In September 2024, FortiGuard Labs reported an attack involving SmokeLoader malware targeting various sectors in Taiwan. SmokeLoader’s advanced evasion techniques and modular design allow it to execute a range of attacks, primarily serving as a downloader for other malware. The attack utilized phishing emails and exploited vulnerabilities in Microsoft Office to deliver the malicious payload.…
Summary: CERT-AGID has reported a recent malware campaign that initially failed due to a missing activation string in the malicious email attachments. After revising their strategy, the attackers successfully deployed AgentTesla, a well-known infostealer, utilizing advanced encryption techniques to evade detection. The campaign highlights the challenges in malware deployment and the importance of proper integration of tools.…
Summary: Recent months have witnessed a significant increase in malicious email campaigns utilizing lookalike attachments, particularly ZIP files containing JScript scripts. These scripts, often disguised as legitimate requests for proposals, have targeted numerous users and businesses, primarily in Russia. The campaign, dubbed Horns&Hooves, has evolved over time, employing various methods to deliver the NetSupport RAT, a tool commonly exploited by cybercriminals.…