Security and data protection solutions provider company Secret has launched a new malpam spam campaign. Hackers send PowerPoint files to users in fake emailsHackers are able to hack the system when users open it
Security and data protection solutions provider company Secret has launched a new malpam spam campaign. Under this campaign, hackers steal data of Indian manufacturers and exporters through fake emails. According to a report by Secret, the hackers' remote access tools include Tesla, Remocos RAT and Nanocor RAT.
Many organizations on target, Researchers at Secret have been following the hackers' campaign track since April 2020. Hackers steal data by changing their location. Even before this, the data of many companies has been stolen.
According to reports, hackers have used public systems such as Pastibin (a type of online content hosting service) and Beatles.How do hackers attack?
Hackers e-mail phishing users. It contains some MS PowerPoint files, including a malicious VBA (Visual Basic for Application) macro. Hackers spread the virus to computer systems using VBA programming in MS Office.
Post Execution, Malware uses pre-existing software to download malicious payloads from Pastibin. Which keeps the spread of the virus intact in the system.
Hackers use this type of technology,LoLBins or Live of the Land Binaries, Hackers abuse built-in tools for malicious purposes.Payload host on Legal File Hosting Service Pastibin
Hackers host a malicious payload on Pastibin, a web-based platform. It can share source code on a large scale. This allows hackers to break network security controls and steal data.
AMSI (Anti Malware Scan Interface) Breach, Hackers use a variety of technologies for AMSI breach.Memory payload executionThis process loads malicious code into the memory of a file-less infection system and avoids anti-virus protection.
Users need to be careful
Secret advises that users need to take special precautions during hacking periods. Attachments in anonymous email should be considered 10 times before opening. The link in the mail should be understood and opened. Your device's operating system should be updated frequently.
