Browsing tag
In a recent blog post, the Microsoft Defender ATP research team issued a warning about a harmful file-less malware campaign called Astaroth. The team got alert when they noticed a sudden huge spike in the usage of the WMIC (Windows Management Instrumentation Command-Line) tool during the month of May and June 2019. They had deployed […]
A new unique campaign abuses system native OS process and security software to steal passwords and personal information. Threat actors disguise the Astaroth Trojan payload as JPEG, GIF, and extensionless to avoid file detections. The campaign especially targets the users in Brazil and the initial infection starts with a phishing-based campaign. Researchers form cybereason observed […]
In a blog post, Cybereason’s Nocturnus Research Team has uncovered a new strain of Astaroth Trojan which infects systems by exploiting processes of antivirus software installed in it. The Trojan is being deployed in spam campaigns in Brazil and Europe where it targeted thousands of computers as of December 2018. It spreads itself via malicious […]