#dcrat

[ follow ]
#phishing #msbuild-abuse #hospitality-sector #social-engineering #phaltblyx #bsod-lure
Information security
fromSecuritymagazine
2 days ago

New Malware Campaign Targeting Hospitality Sector

PHALT#BLYX targets hospitality with booking.com lures, fake CAPTCHA and BSOD to trick users into running PowerShell and deploy an obfuscated DCRat via MSBuild.exe.
fromThe Hacker News
3 days ago

Fake Booking Emails Redirect Hotel Staff to Fake BSoD Pages Delivering DCRat

"For initial access, the threat actors utilize a fake Booking.com reservation cancellation lure to trick victims into executing malicious PowerShell commands, which silently fetch and execute remote code," researchers Shikha Sangwan, Akshay Gaikwad, and Aaron Beardslee said. The starting point of the attack chain is a phishing email impersonating Booking.com that contains a link to a fake website (e.g., "low-house[.]com").
Information security
[ Load more ]