In a recent wave of cyberattacks, IT professionals have become the target of a cunning malvertising campaign uncovered by Zscaler ThreatLabz researchers Roy Tay and Sudeep Singh. According to the company’s research, this campaign leverages deceptive online advertisements to distribute a previously unseen backdoor named “MadMxShell.” It all started in March 2024, when Zscaler ThreatLabz discovered a threat actor using look-alike domains to distribute MadMxShell, which relies on DLL sideloading, DNS protocol abuse, and evasion of memory forensics security solutions.
Source: HackRead