Recherche : [FileZilla]

Cyber Criminals Exploit GitHub and FileZilla to Deliver Malware Cocktail https://thehackernews.com/2024/05/cyber-criminals-exploit-github-and.html

25/05/2024 21:59:33

A "multi-faceted campaign" has been observed abusing legitimate services like GitHub and FileZilla to deliver an array of stealer malware and banking trojans such as Atomic (aka AMOS), Vidar, Lumma (aka LummaC2), and Octo by impersonating credible software like 1Password, Bartender 5, and Pixelmator Pro.

From OneNote to RansomNote: An Ice Cold Intrusion - The DFIR Report https://thedfirreport.com/2024/04/01/from-onenote-to-ransomnote-an-ice-cold-intrusion/

01/04/2024 10:32:27

In late February 2023, threat actors rode a wave of initial access using Microsoft OneNote files. In this case, we observed a threat actor deliver IcedID using this method.
After loading IcedID and establishing persistence, there was no further actions, other than beaconing for over 30 days.
The threat actor used Cobalt Strike and AnyDesk to target a file server and a backup server.
The threat actor used FileZilla to exfiltrate data from the network before deploying Nokoyawa ransomware.

Liens par page

Filtres