Researchers have discovered a cyberattack that uses unusual evasion tactics to backdoor French organizations with a novel malware dubbed Serpent, they said.

A team from Proofpoint observed what they call an “advanced, targeted threat” that uses email-based lures and malicious files typical of many malware campaigns to deliver its ultimate payload to targets in the French construction, real-estate and government industries.

However, between initial contact and payload, the attack uses methods to avoid detection that haven’t been seen before, researchers revealed in a blog post Monday. These include the use of a legitimate software package installer called Chocolatey as an initial payload, equally legitimate Python tools that wouldn’t be flagged in network traffic, and a novel detection bypass technique using a Scheduled Task, they said.

“The ultimate objectives of the threat actor are presently unknown,” Proofpoint researchers Bryan Campbell, Zachary Abzug, Andrew Northern and Selena Larson acknowledged in the post.