Cybercriminals are increasingly proving they do not need software vulnerabilities to compromise organizations; they need convincing deception. Researchers at Securonix are warning of a sophisticated phishing campaign targeting the hospitality sector that uses fake Booking.com reservation cancellations, deceptive CAPTCHA pages, and a panic-inducing fake Windows Blue Screen of Death (BSOD) to deploy a remote access trojan (RAT). The campaign, named PHALT#BLYX, highlights how attackers are blendi
dcrat (3)
Securonix threat researchers have been tracking a stealthy campaign targeting the hospitality sector that uses click-fix social engineering, fake CAPTCHAs, and fake blue screens of death to trick users into pasting malicious code. It leverages the trusted MSBuild.exe tool to bypass defenses and deploys a stealthy, Russian-linked DCRat payload for full remote access and the ability to drop secondary payloads.[1]
An ongoing malware campaign tracked as PHALT#BLYX has been identified as a multi-stage
FortiGuard Labs recently identified a phishing campaign leveraging carefully crafted emails to deliver malicious URLs linked to convincing phishing pages. These pages are designed to entice recipients into downloading JavaScript files that act as droppers for UpCrypter malware, which ultimately deploys various remote access tools (RATs).
The attack chain begins with a small, obfuscated script that redirects victims to a spoofed site personalized with the target’s email domain, enhancing credibili