https://community.isc2.org/t5/Threats/Attackers-Using-Obfuscation-Tools-to-Deliver-Multi-Stage-Malware/m-p/69335#M1172 <P>Hi All</P><P>&nbsp;</P><P>Cybersecurity researchers have discovered an intricate multi-stage attack that leverages invoice-themed phishing decoys to deliver a wide range of malware such as <A href="https://thehackernews.com/2024/04/massive-phishing-campaign-strikes-latin.html" target="_blank" rel="noopener">Venom RAT</A>, Remcos RAT, XWorm, NanoCore RAT, and a stealer that targets crypto wallets.</P><P>The email messages come with Scalable Vector Graphics (SVG) file attachments that, when clicked, activate the infection sequence, Fortinet FortiGuard Labs <A href="https://www.fortinet.com/blog/threat-research/scrubcrypt-deploys-venomrat-with-arsenal-of-plugins" target="_blank" rel="noopener">said</A> in a technical report.</P><P>The modus operandi is notable for the use of the BatCloak malware obfuscation engine and ScrubCrypt to deliver the malware in the form of obfuscated batch scripts.</P><P>&nbsp;</P><P><A href="https://thehackernews.com/2024/04/attackers-using-obfuscation-tools-to.html" target="_blank">https://thehackernews.com/2024/04/attackers-using-obfuscation-tools-to.html</A></P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P> Wed, 10 Apr 2024 06:48:01 GMT Caute_cautim 2024-04-10T06:48:01Z https://community.isc2.org/t5/Threats/Attackers-Using-Obfuscation-Tools-to-Deliver-Multi-Stage-Malware/m-p/69335#M1172 <P>Hi All</P><P>&nbsp;</P><P>Cybersecurity researchers have discovered an intricate multi-stage attack that leverages invoice-themed phishing decoys to deliver a wide range of malware such as <A href="https://thehackernews.com/2024/04/massive-phishing-campaign-strikes-latin.html" target="_blank" rel="noopener">Venom RAT</A>, Remcos RAT, XWorm, NanoCore RAT, and a stealer that targets crypto wallets.</P><P>The email messages come with Scalable Vector Graphics (SVG) file attachments that, when clicked, activate the infection sequence, Fortinet FortiGuard Labs <A href="https://www.fortinet.com/blog/threat-research/scrubcrypt-deploys-venomrat-with-arsenal-of-plugins" target="_blank" rel="noopener">said</A> in a technical report.</P><P>The modus operandi is notable for the use of the BatCloak malware obfuscation engine and ScrubCrypt to deliver the malware in the form of obfuscated batch scripts.</P><P>&nbsp;</P><P><A href="https://thehackernews.com/2024/04/attackers-using-obfuscation-tools-to.html" target="_blank">https://thehackernews.com/2024/04/attackers-using-obfuscation-tools-to.html</A></P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P> Wed, 10 Apr 2024 06:48:01 GMT https://community.isc2.org/t5/Threats/Attackers-Using-Obfuscation-Tools-to-Deliver-Multi-Stage-Malware/m-p/69335#M1172 Caute_cautim 2024-04-10T06:48:01Z