The @FortiGuardLabs team recently uncovered a threat actor using #ScrubCrypt to spread VenomRAT along with multiple RATs.
Learn more 👉 https://ftnt.net/61104wXNTu
#ScrubCrypt used to drop #VenomRAT along with many malicious plugins
https://securityaffairs.com/161639/cyber-crime/scrubcrypt-venomrat-plugins.html
#securityaffairs #hacking #malware
Fortinet reports on a recent phishing campaign containing Scalable Vector Graphics (SVG) files. The malicious attachment downloads a ZIP file and begins the infection chain. ScrubCrypt, described as an "antivirus evasion tool", is used to load the final payload VenomRAT while maintaining a connection with the C2 server to install plugins like XWorm, NanoCore, RemcosRAT and a crypto wallet stealer. They provide detailed insights into how the threat actor distributes VenomRAT and other plugins. IOC listed. 🔗 https://www.fortinet.com/blog/threat-research/scrubcrypt-deploys-venomrat-with-arsenal-of-plugins
#ScrubCrypt #VenomRAT #RemcosRAT #XWorm #NanoCore #threatintel #IOC
8220 Gang used new #ScrubCrypt crypter in recent cryptojacking attacks
https://securityaffairs.com/143252/hacking/scrubcrypt-crypter-cryptojacking-attacks.html
#securityaffairs #hacking #malware