Cybersecurity researchers at Morphisec have discovered a new variant of ValleyRAT malware with more advanced evasion tactics, multi-stage infection chains, and novel delivery methods. The malware targets high-value individuals within organisations, particularly those in finance, accounting, and sales, with an intention to steal sensitive data. The variant uses a fake website of a Chinese telecom company, “Karlos,” to distribute infection.
Chinese ‘Infrastructure Laundering’ Abuses AWS, Microsoft Cloud
Researchers have linked the China-based content delivery network (CDN) Funnull to “infrastructure laundering”, a malicious practice exploiting mainstream hosting providers such as AWS and Microsoft
