Novel Script-Based Attack That Leverages PowerShell And VBScript

A new campaign, identified as DEEP#GOSU and likely linked to the Kimsuky group, employs a new script-based attack chain that uses numerous PowerShell and VBScript stagers to stealthily infect systems. Its features include data exfiltration, keylogging, clipboard monitoring, dynamic payload execution, and persistence via scheduled activities, self-executing PowerShell scripts using jobs, and RAT software for complete remote access. "The malware payloads used in the DEEP#GOSU represents a sophisticated, multi-stage threat designed to operate stealthily on Windows systems especially from a network-monitoring standpoint," the Securonix Threat Research Team shared with Cyber Security News.

Source: GBHackers

 

