Today > | 4 Medium | 2 Low vulnerabilities   -   You can now download lists of IOCs here!

Supply Chain Compromise Leads to Trojanized Installers

July 1, 2024, 11:18 a.m.

Description

Rapid7 discovered that installers for Notezilla, RecentX, and Copywhiz hosted on conceptworld[.]com were trojanized to execute information-stealing malware. The malware can steal browser credentials, crypto wallet info, clipboard data, and keystrokes, as well as download additional payloads. Rapid7 disclosed the issue to Conceptworld, who promptly removed the malicious installers.

Date

Published: July 1, 2024, 11:05 a.m.

Created: July 1, 2024, 11:05 a.m.

Modified: July 1, 2024, 11:18 a.m.

Indicators

fdc84cb0845f87a39b29027d6433f4a1bbd8c5b808280235cf867a6b0b7a91eb

ebf2b84ed64629242f8d0abfca73344736205249539474e8f57d1d3dbe8ccc41

de4e03288071cdebe5c26913888b135fb2424132856cc892baea9792d6c66249

cdc1f2430681e9278b3f738ed74954c4366b8eff52c937f185d760c1bbba2f1d

ca6ff18ee006e7ab3cb42fc541b08ce4231dadfab0cce57b1c126db3df9f1297

bfa99c41aecc814de5b9eb8397a27e516c8b0a4e31edd9ed1304da6c996b4aaa

a89953915eabe5c4897e414e73f28c300472298a6a8c055fcc956c61c875fd96

70bce9c228aacbdadaaf18596c0eb308c102382d04632b01b826e9db96210093

6f49756749d175058f15d5f3c80c8a7d46e80ec3e5eb9fb31f4346abdb72a0e7

6487a0dc9dfbbaa6557af096178a1361e49762a41500aa03f17df5d3b159bf4e

33e4d5eed3527c269467eec2ac57ae94ae34fd1d0a145505a29c51cf8e83f1b9

4df9b7da9590990230ed2ab9b4c3d399cf770ed7f6c36a8a10285375fd5a292f

2eae4f06f2c376c6206c632ac93f4e8c4b3e0e63eca3118e883f8ac479b2f852

1fa84b696b055f614ccd4640b724d90ccad4afc035358822224a02a9e2c12846

048cae10558cddfb2cf0ade25f1101909bba58d0a448e0d78590cc5e64e95127

03761d9fd24a2530b386c07bf886350ae497e693440a9319903072b93a30c82d

50.2.108.102

5.180.185.42

212.70.149.210

185.137.137.74

170.130.34.114

104.206.95.146

104.140.17.242

104.206.2.18

104.206.220.113

104.206.57.117

50.2.191.154

Attack Patterns

T1195.002

T1059.006

T1048

T1053.005

T1560.001

T1555.003

T1059.003

T1115

T1571

T1056.001

T1204.002

T1005