Chameleon Device-Takeover Malware Attacking IT Employees

6 August 2024

Researchers have identified a new Chameleon campaign targeting hospitality employees, where the attackers employed a deceptive tactic, disguising malicious software as a CRM app. File names uploaded to VirusTotal revealed evidence of targeted attacks, including a reference to a prominent international restaurant chain. This suggests a tailored approach to compromising specific organizations within the hospitality industry. Masquerading as CRM Conventions regarding the naming of droppers and payloads indicate that the campaign is aimed at the hospitality industry and possibly more general business-to-consumer sectors. Successful infection of devices with corporate banking access grants the Chameleon malware control over business accounts, posing a significant organizational risk.

Source: GBHackers

Date:

6 August 2024

Categorie(s):

NEWS

Tag(s):

Android, Chameleon, Cyber Attack, Cyber Security News, Employees

China’s Volt Typhoon reportedly breached Singtel in ‘test-run’ for US telecom attacks6 November 2024
Snowflake data theft suspect arrested in Canada6 November 2024
Scumbag puts ‘stolen’ Nokia source code, SSH and RSA keys, more up for sale6 November 2024
Canada arrests suspected hacker over breach of 160+ Snowflake users’ data6 November 2024
Cyberthreats linked to foreign actors aim to hinder Election Day proceedings5 November 2024