New Malware Campaign Targeting Job Seekers with Cobalt Strike Beacons

A social engineering campaign leveraging job-themed lures is weaponizing a years-old remote code execution flaw in Microsoft Office to deploy Cobalt Strike beacons on compromised hosts.

“The payload found is a dripped variation of a Cobalt Strike beacon,” Cisco Talos researchers Chetan Raghuprasad and Vanja Svajcer said in a new analysis published Wednesday.

“The beacon setup consists of commands to carry out targeted procedure injection of approximate binaries and has a high credibility domain set up, displaying the redirection strategy to masquerade the beacon’s traffic.”

The malicious activity, discovered in August 2022, attempts to exploit CVE-2017-0199, a remote code execution vulnerability in Microsoft Office that allows an attacker to take control of an affected system.

The entry vector for the attack is a phishing email containing a Microsoft Word attachment that uses job-themed lures for roles in the U.S. government and the Public Service Association, a trade union based in New Zealand.

Cobalt Strike beacons are far from the only malware samples deployed: Cisco Talos said it has also observed the Redline Stealer and Amadey botnet executables used as payloads at the other end of the attack chain.
