A thwarted attack demonstrates that threat actors are using another delivery method for the malware, which has already been spread using phishing emails, malvertising, hijacking instant messages, and SEO poisoning. The DarkGate remote access Trojan (RAT) has a new attack vector: A threat actor targeted a Microsoft Teams user via a voice call to gain access to their device. Researchers said the attack adds to the other methods for spreading the RAT, which previously has been propagated using phis
darkgate (3)
DarkGate malware operators have been exploiting a now-patched Windows SmartScreen bypass flaw through a phishing campaign that distributes fake Microsoft software installers to propagate the malicious code. Researchers discovered a then zero-day Internet Shortcut Files security feature bypass vulnerability tracked as CVE-2024-21412 earlier this year. Microsoft patched it as part of its February 2024 edition of Patch Tuesday updates. That was not before attackers such as Water Hydra exploited i
The malware loader PikaBot is being distributed as part of a malvertising campaign targeting users searching for legitimate software like AnyDesk. PikaBot was previously only distributed via malspam campaigns, similar to QakBot, and emerged as one of the preferred payloads for a threat actor known as TA577. The malware family, which first appeared in early 2023, consists of a loader and a core module that allows it to operate as a backdoor and a distributor for other payloads.
See: https://re
