Tech
Malvertising campaign deploys Oyster backdoor via trojanized software installers
Attacks using malicious installers for Microsoft Teams, Google Chrome, and other widely used software have been launched to facilitate the delivery of the Oyster backdoor, also known as Broomstick, as part of a new malvertising campaign, The Hacker News reports.
Intrusions involved luring targets to download a setup binary from legitimate-looking fraudulent websites that directly deploys the Oyster malware, marking a change from the previous usage of a dedicated loader for the payload, according to an analysis from Rapid7.
Aside from executing the malware with host data exfiltration, command-and-control communication, and remote code execution capabilities, attacks also entailed the installation of legitimate Microsoft Teams software and a PowerShell script to evade detection and ensure persistence, respectively, researchers said. Such findings follow a report by Symantec detailing a Rogue Raticate phishing campaign involving the utilization of malicious PDFs for NetSupport RAT delivery, as well as another EclecticIQ report regarding the new ONNX Store phishing-as-a-service platform that uses Microsoft 365 login interface-spoofing pages.
From Stadium to Screen: How Technology is Changing Sports Viewing
20/7/2024 Horse Racing Tips and Best Bets – Flemington, Flemington Cup day
Indian tech hub Karnataka state’s move to reserve jobs for locals not finalised, chief minister says
Financial picture dramatically improves for Shamrock Rovers in 48 hours with Sinclair Armstrong deal and European win
Our fashion editor’s favourite affordable bag is 20% off today
Jay Shah’s Big Decision Hovers Over Cricket’s Associate Member Directors Election
Budget shampoo that adds MAJOR volume boost is on sale for Amazon Prime Day: ‘Your hair feels fuller and thicker’
Being active on your commute lowers risk of disease and mental health
Tiger Woods cops brutal Open schedule as full Round 1 tee times revealed
