Threat actors are hiding malicious code in images to deliver malware, including VIP Keylogger and 0bj3ctivity Stealer, in new campaigns. The attack starts with a phishing email that tricks recipients into opening attachments, which exploit a known security flaw to download a script. The script then retrieves an image and extracts Base64-encoded code from it, which runs a .NET executable. This downloads the malware, which can steal data such as keystrokes and screenshots. A similar campaign has used a JavaScript file to deploy another piece of malware, 0bj3ctivity, which is used to steal information.
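As an added example (not taken from the reports summarized here), this defender-side Python check scans a file's bytes for a Base64 run that decodes to a Windows PE, the kind of payload described above. The sample input is constructed, and placing the payload after the image data is an assumption, since the summary does not say where in the image it sits.

```python
import base64
import re
import struct

# "MZ" always encodes to Base64 "TV" plus one of o/p/q/r; the lookahead
# lets candidate runs overlap so an earlier false start cannot mask a real one.
B64_PE = re.compile(rb"(?=(TV[opqr][A-Za-z0-9+/]{64,}={0,2}))")

def looks_like_pe(data: bytes) -> bool:
    """True if data has an MZ header whose e_lfanew points at 'PE\\0\\0'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"

def find_embedded_pe(blob: bytes) -> list[tuple[int, int]]:
    """Return (offset, decoded_size) for each Base64 run that decodes to a PE."""
    hits = []
    for m in B64_PE.finditer(blob):
        text = m.group(1).rstrip(b"=")
        if len(text) % 4 == 1:           # impossible Base64 length: drop stray char
            text = text[:-1]
        text += b"=" * (-len(text) % 4)  # restore padding
        try:
            decoded = base64.b64decode(text, validate=True)
        except ValueError:
            continue
        if looks_like_pe(decoded):
            hits.append((m.start(1), len(decoded)))
    return hits

def build_sample() -> tuple[bytes, int]:
    """Constructed test input: JPEG-like bytes followed by a Base64 PE stub."""
    stub = b"MZ\x90\x00" + b"\x00" * 0x38 + struct.pack("<I", 0x40)
    stub += b"PE\x00\x00" + b"\x00" * 32   # 100 bytes of headers, not a real program
    image = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x80" * 64 + b"\xff\xd9"
    return image + base64.b64encode(stub), len(image)

if __name__ == "__main__":
    sample, _ = build_sample()
    for offset, size in find_embedded_pe(sample):
        print(f"Base64-encoded PE at offset {offset}, {size} bytes decoded")
```

The same function can be pointed at images pulled from proxy or mail-gateway captures; a hit means the file carries an encoded executable and warrants triage, not that a specific family is present.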
FBI Reveals Major Malware Attack From China Group ‘Mustang Panda’
Chinese hacker organization Mustang Panda, suspected of being state-sponsored, has carried out a major cyberattack impacting at least 170 countries, according to the FBI and