The VMConnect campaign exploits fake job interviews to lure developers into executing malicious code, utilizing disguised software packages to facilitate the attacks.
Researchers identified compromised developers and noted the ongoing campaign where attackers impersonate employees of major financial firms to distribute malware.
Continuous threat monitoring using advanced detection techniques by ReversingLabs led to the uncovering of malware hidden in legitimate-looking Python files.
The malicious packages included detailed README files instructing users to engage with the code, ensuring the malware executes under deceptive coding tasks.
Collection
[
|
...
]