Threat actors ride the hype for newly released Arc browser

May 28, 2024, 5:59 p.m.

Description

The release of the Arc browser for Windows sparked interest among cyber criminals who quickly launched a malvertising campaign impersonating the new software. The scheme uses Google search ads to lure potential victims with fake Arc installers. These installers employ various techniques, including using the MEGA cloud platform for command and control, embedding code within image files, and retrieving payloads from paste sites. The final payload is likely an information stealer, highlighting the importance of exercising caution when downloading software, even from sponsored results.

External References

https://www.threatdown.com/blog/threat-actors-ride-the-hype-for-newly-released-arc-browser/
https://otx.alienvault.com/pulse/665617aa94656113fadcaf98
Tags
malvertising
infostealer
2024-05-28
arc browser

Date

  • Created: May 28, 2024, 5:43 p.m.
  • Published: May 28, 2024, 5:43 p.m.
  • Modified: May 28, 2024, 5:59 p.m.

Indicators

  • b8ae9aa480f958312b87877d5d44a9c8eac6a6d06a61ef7c51d4474d39357edb
  • 3e22ed74158db153b5590bfa661b835adb89f28a8f3a814d577958b9225e5ec1
  • 34f4d749af50678a0bda6f38b0c437de3914a005f0d689aa89769c8c9cb8b264
  • 018dba31beac15518027f6788d72c03f9c9b55e0abcd5a96812740bcbc699304
  • 6c30c8a2e827f48fcfc934dd34fb2cb10acb8747fd11faae085d8ad352c01fbf
  • 185.156.72.56
  • theflyingpeckerheads.com
  • aircl.net
  • ailrc.net
Download all indicators here!

Attack Patterns