Shellter Project, which makes a commercial AV/EDR evasion loader for penetration testing, admitted that hackers exploited its Shellter Elite product in assaults after a client leaked a copy of the software.
The exploitation has been ongoing for several months, and despite security researchers detecting the activity in the wild, Shellter has not received notification. The vendor stated that this is the first recorded case of misuse since implementing its stringent license policy in February 2023.
“We discovered that a company which had recently purchased Shellter Elite licenses had leaked their copy of the software,” Shellter noted in a statement. “This breach led to malicious actors exploiting the tool for harmful purposes, including the delivery of infostealer malware.”
Exploitation in the wild
Security experts (red teams and penetration testers) employ Shellter Elite, a commercial AV/EDR evasion loader, to cove
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: