Geeks for your information News Privacy & Security News v
Inception Group Uses POWERSHOWER Backdoor in Two-Stage Spear Phishing Attacks
Inception Group Uses POWERSHOWER Backdoor in Two-Stage Spear Phishing Attacks
silversurfer Offline
Staff Member
******
Posts: 3,885
Threads: 3,283
Thanks Received: 5,064 in 3,838 posts
Thanks Given: 6,200
Joined: 12 September 18
#1
06 November 18, 15:19
Quote:Backdoor uses anti-forensics techniques to hinder analysis

The Inception threat group has been observed exploiting the CVE-2017-11882 Microsoft Office memory corruption vulnerability and a PowerShell-based backdoor dubbed POWERSHOWER in their most recent multi-stage attack campaign during October 2018.

In the attack campaign recently witnessed by Palo Alto Networks' Unite 42, Inception has remodeled their attack model using a single document that employs Microsoft Word remote templates to download remote VBScript exploit payloads packaged as OLE objects.

Source: https://news.softpedia.com/news/inceptio...3623.shtml
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
QOwnNotes
26.5.1 Added a Re...Kool — 15:17
XYplorer
What's new in Rele...Kool — 10:35
KeePass 2.61.1
KeePass 2.61.1 ...harlan4096 — 06:04
Adobe Acrobat Reader DC 2026.001.21529
Adobe Acrobat Read...harlan4096 — 09:58
AxCrypt 3.0.0.90
AxCrypt 3.0.0.90: ...harlan4096 — 06:27

[-]
Birthdays
Today's Birthdays
avatar (28)Honor6
Upcoming Birthdays
avatar (28)akiratoriyama
avatar (48)Jerrycix
avatar (40)awedoli
avatar (82)WinRARHowTo
avatar (38)owysykan
avatar (49)beautgok
avatar (39)axuben
avatar (45)talsmanthago
avatar (31)mocetor
avatar (46)piomaibhaict
avatar (51)kingbfef
avatar (38)izenesiq
avatar (40)ihijudu
avatar (45)tiojusop
avatar (42)Damiennug
avatar (40)acoraxe
avatar (49)contjrat
avatar (41)axylisyb
avatar (44)tukrublape
avatar (41)iruqi
avatar (42)saitetib
avatar (36)ypasodiny
avatar (39)omapek
avatar (48)Geraldtuh
avatar (44)knigiJow
avatar (46)1stOnecal
avatar (50)Mirzojap
avatar (36)idilysaju
avatar (45)xclubDum
avatar (41)Stewartanilm
avatar (44)nikitaxople
avatar (40)GregoryRog
avatar (45)mediumog
avatar (40)odukoromu
avatar (46)Joanna4589

[-]
Online Staff
There are no staff members currently online.

>