Threat actors ride the hype for newly released Arc browser
May 28, 2024, 5:59 p.m.
Tags
External References
Description
The release of the Arc browser for Windows sparked interest among cyber criminals who quickly launched a malvertising campaign impersonating the new software. The scheme uses Google search ads to lure potential victims with fake Arc installers. These installers employ various techniques, including using the MEGA cloud platform for command and control, embedding code within image files, and retrieving payloads from paste sites. The final payload is likely an information stealer, highlighting the importance of exercising caution when downloading software, even from sponsored results.
Date
Published: May 28, 2024, 5:43 p.m.
Created: May 28, 2024, 5:43 p.m.
Modified: May 28, 2024, 5:59 p.m.
Indicators
b8ae9aa480f958312b87877d5d44a9c8eac6a6d06a61ef7c51d4474d39357edb
3e22ed74158db153b5590bfa661b835adb89f28a8f3a814d577958b9225e5ec1
34f4d749af50678a0bda6f38b0c437de3914a005f0d689aa89769c8c9cb8b264
018dba31beac15518027f6788d72c03f9c9b55e0abcd5a96812740bcbc699304
6c30c8a2e827f48fcfc934dd34fb2cb10acb8747fd11faae085d8ad352c01fbf
185.156.72.56
theflyingpeckerheads.com
aircl.net
ailrc.net
Attack Patterns
T1024
T1059.007
T1497
T1105
T1543
T1033
T1027
T1053
T1059