An array of cunning cyberattack campaigns utilizing seemingly innocuous invoices to deliver malware attacks have been uncovered by cybersecurity researchers. In this deceptive campaign, malicious Scalable Vector Graphics (SVG) file attachments are embedded in phishing emails that have been crafted to pose as malicious content.
There is a risk that an intricate infection sequence will unfold once the victim opens the attachment, potentially releasing the victim’s computer with various types of malware strains.
Using this invoice-themed phishing scheme, FortiGuard Labs at Fortinet, a leading cybersecurity research team, identified a variety of malware.
The malicious payloads included RATs such as Venom RAT, Remcos RAT, NanoCore RAT, and XWorm, as well as other Remote Access Trojans (RATs) that are known to have been exploited by hackers. Furthermore, the attack arsenal has incorporated a cryptocurrency wallet stealer that allows attackers to steal digital currencies from users without their knowledge of it.
In a technical report published by Fortinet FortiGuard Labs, a technical report said that the emails include Scalable Vector Graphics files (SVG) that activate infection sequences when clicked. It is of particular note that the modus operandi uses BatCloak’s malware obfuscation engine and ScrubCrypt to deliver malware as obfuscated batch scripts via the BatCloak malware obfuscation engine. […]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: