CoralRaider Hacker Evade Antivirus Detections Using Malicious LNK File

24 April 2024

This campaign is observed to be targeting multiple countries, including the U.S., Nigeria, Germany, Egypt, the U.K., Poland, the Philippines, Norway, and Japan. The threat actor behind this ongoing campaign has been identified as “CoralRaider, ” whose Tactics, Techniques, and Procedures (TTPs) overlap with the current campaign. The threat actor’s previous campaigns, which included using a Windows Shortcut file, identical PowerShell Decryptor and Payload download scripts, and FoDHelper techniques for bypassing UAC (User Access Control) on the victim machine, are similar.

Source: GBHackers

Date:

24 April 2024

Categorie(s):

NEWS

Tag(s):

Antivirus, Cyber Attack, Cyber Security News, Cyber Threats, Files

Europe’s Most Wanted Teenage Hacker Arrested6 May 2024
A week in security (April 29 – May 5)6 May 2024
New ‘Cuckoo’ Persistent macOS Spyware Targeting Intel and Arm Macs6 May 2024
McAfee and Intel collaborate to combat deepfakes with Deepfake Detector6 May 2024
The Impact of NIST SP 800-171 on SMBs6 May 2024