[MART] - Daily Diary #463 - War As a Decoy to Distribute Malware

CTAS-MAT ctas-mat at appgate.com
Sat Mar 5 00:00:56 UTC 2022


I hope everyone is doing well!

Below is the entry for today.

03/04/2022 - Diary entry #463:

Cybercriminals are always taking advantage of recent news or events to lure victims. Recently, the military conflict in Ukraine has been used in phishing campaigns to infect victims with two well-known Remote Access Trojans (RATs): AgentTesla and Remcos.

Remcos (Remote Control & Surveillance Software), is a remote access software used to control computers remotely. AgentTesla is a malware-as-a-service commercialized among criminals which is capable of stealing credentials, logging keystrokes, monitoring clipboard data, and more.

Both malware families are heavily used as an initial stage threat to infect victims, exfiltrate information, and perform actions such as lateral movement before deploying a final payload in the network like a Ransomware for example. Therefore, campaigns like in this case are very effective to deliver malware-as-a-service threats, tricking victims into executing them.

Kind Regards,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/mart/attachments/20220305/c5eac072/attachment.htm>

More information about the MART mailing list