+- Geeks for your information (https://www.geeks.fyi)
+-- Forum: News (https://www.geeks.fyi/forumdisplay.php?fid=105)
+--- Forum: Privacy & Security News (https://www.geeks.fyi/forumdisplay.php?fid=107)
+--- Thread: Inception Group Uses POWERSHOWER Backdoor in Two-Stage Spear Phishing Attacks (/showthread.php?tid=4419)
Inception Group Uses POWERSHOWER Backdoor in Two-Stage Spear Phishing Attacks - silversurfer - 06 November 18
Quote:Backdoor uses anti-forensics techniques to hinder analysis
The Inception threat group has been observed exploiting the CVE-2017-11882 Microsoft Office memory corruption vulnerability and a PowerShell-based backdoor dubbed POWERSHOWER in their most recent multi-stage attack campaign during October 2018.
In the attack campaign recently witnessed by Palo Alto Networks' Unite 42, Inception has remodeled their attack model using a single document that employs Microsoft Word remote templates to download remote VBScript exploit payloads packaged as OLE objects.
Source: https://news.softpedia.com/news/inception-group-uses-powershower-backdoor-in-two-stage-spear-phishing-attacks-523623.shtml