With 50% more users last year than in 2020, the number of people using the community chat platform Discord is growing at a blistering pace. This has led cybercriminals to refine and expand malicious attack use cases for the platform. In this threat research report, Morphisec reveals how threat actors are using Discord as part of an increasingly popular attack chain with a new SYK crypter designed to outwit signature and behavior-based security controls.

Morphisec's Threat Labs team is on the cutting edge of threat research in this area. Our researchers previously dissected other Discord-related threats like Babadeda and NFT-001. We can report that as Discord has expanded from a gaming messaging app to broader use, it's being used to distribute a crypter we named SYK.

The attack chain preceding the SYK crypter deployment demonstrates a new evolution of how threat actors abuse Discord's CDN (content delivery network). As a conduit for new, highly innovative crypters, Discord plays an important role in a campaign that starts with targeted phishing emails directed at organizations in various sectors. The attack chain we saw comprises two main components: a .NET loader (which we refer to as DNetLoader) and a. This crypter delivers many malware families, such as AsyncRAT, njRAT, QuasarRAT, WarzoneRAT, NanoCore RAT, and RedLine Stealer, putting organizations in every sector and industry at risk. To lure new victims, attackers disguise the malware as a purchase order using file names such as Purchase Order.exe, New_Order_*.exe, AMAZON_ORDER*PDF.ex, etc.