Another malicious operation wreaks havoc in the world of malware and trojans. The so-called Water Basilisk campaign makes use of a new crypter with the goal of distributing RATs. Among the propagated RATs we can mention LimeRat, QuasarRat, BitRat, NjRat, Warzone, and Nanocore RAT.

What Is a RAT?

As we also wrote about in a previous post, a RAT, the short form of Remote Access Trojan, is a malware type that cybercriminals use to gain full control over a targeted computer. How can RATs spread? Through user-requested programs, for instance games, or via email attachments. The thing with this malware is that it can be downloaded unknowingly. Then, through a RAT, the hacker can compromise a machine and eventually spread it to other computers by creating a botnet.

The Water Basilisk Campaign: More Details

According to Cyware, the Water Basilisk campaign, discovered by the Trend Micro researchers, is a fileless one and can be characterized by the following:

- The cybercriminals made use of compromised WordPress websites to host phishing kits inside file hosting services.
- The compromised file is an ISO image distributed through phishing emails or websites.
- The payload can be found in an obfuscated PowerShell script.
- The crypter used in this campaign is called HCrypt, more specifically its version 7.8.
- HCrypt's role is to create obfuscated VBScript and PowerShell scripts that distribute payloads.