A script collected system information from computers, sending it back to the C2 server. A second script, a GammaSteel variant, exfiltrated files with specific extensions from directories using PowerShell web requests. If unsuccessful, it used cURL command line tool with a Tor proxy. The web service write.as may have been an alternative data exfiltration channel.
He downloaded a WhatsApp image. Minutes later, Rs 2 lakh was gone | Technology News
Pradeep Jain lost Rs 2.01 lakh from his bank account after hackers gained access to his phone through a scam using Least Significant Bit (LSB)
