Dismiss this notice
ExpressVPN Valentines 2021 Giveaway - https://www.geeks.fyi/showthread.php?tid=14246

Dismiss this notice
Internet Download Manager Giveaway - https://www.geeks.fyi/showthread.php?tid=14245

Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
The ObliqueRAT malware is now cloaking its payloads as seemingly-innocent image files
#1
Information 
Quote:The ObliqueRAT malware is now cloaking its payloads as seemingly-innocent image files that are hidden on compromised websites.
 
The remote access trojan (RAT), which has been operating since 2019, spreads via emails, which have malicious Microsoft Office documents attached. Previously, payloads were embedded into the documents themselves. Now, if users click on the attachment, they’re redirected to malicious URLs where the payloads are hidden with steganography.
 
Researchers warn that this new tactic has been seen helping ObliqueRAT operators to avoid detection during the malware’s targeting of various organizations in South Asia — where the goal is to ultimately sends victims an email with malicious Microsoft Office documents, which, once clicked, fetch the payloads and ultimately exfiltrate various data from the victim.

“This new campaign is a typical example of how adversaries react to attack disclosures and evolve their infection chains to evade detections,” said Asheer Malhotra, researcher with Cisco Talos, on Tuesday. “Modifications in the ObliqueRAT payloads also highlight the usage of obfuscation techniques that can be used to evade traditional signature-based detection mechanisms.”

Read more: https://threatpost.com/website-images-ob...re/164395/
[-] The following 1 user Likes silversurfer's post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username:


Password:





[-]
Recent Posts
NSA: 5 Security Bugs Under Active Nation...
The Feds are warni...silversurfer — 08:04
Google Project Zero Cuts Bug Disclosure ...
Google Project Zer...silversurfer — 08:02
iOS Kids Game Morphs into Underground Cr...
A kids’ game calle...silversurfer — 08:00
BazarLoader Malware Abuses Slack, BaseCa...
The BazarLoader ma...silversurfer — 07:58
NoVirusThanks OSArmor v1.5.7
We've released a n...harlan4096 — 06:07

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
avatar (40)wapedDow
avatar (44)oapedDow
avatar (37)Sanchowogy
avatar (39)techlignub
avatar (38)Stevenmam
avatar (45)onlinbah
avatar (46)steakelask
avatar (40)Termoplenka
avatar (38)bycoPaist
avatar (44)pieloKat
avatar (38)ilyagNeexy
avatar (46)donitascene
avatar (46)Toligo
avatar (33)RobertUtelt

[-]
Online Staff
There are no staff members currently online.

>