Cybercriminals are using Skype to disseminate a malware known as DarkGate. DarkGate has been in existence since 2017 and has seen a recent revival in usage. It’s believed this resurgence is due to the malware’s developer leasing it on the dark web. Consequently, hackers have been taking over Skype conversations and sending victims to a SharePoint site to download the malicious file. Once this file is launched, it establishes persistence by dropping a random LNK file into the Windows user startup folder. Across the three observed delivery methods, researchers noted that the majority of targets (41%) were in the Americas.
Group-IB’s Threat Intelligence and Defence Centre Equip Undergraduates with Sophisticated Cybersecurity Technologies to Boost Threat Analysis and Enhance Cyber Resilience for Campus Start-ups
Hey there from the heart of the San Francisco Bay Area! It’s an absolute pleasure to have you back again for our chat on some
