Today > | 1 Medium vulnerabilities   -   You can now download lists of IOCs here!

Threat actors ride the hype for newly released Arc browser

May 28, 2024, 5:59 p.m.

Description

The release of the Arc browser for Windows sparked interest among cyber criminals who quickly launched a malvertising campaign impersonating the new software. The scheme uses Google search ads to lure potential victims with fake Arc installers. These installers employ various techniques, including using the MEGA cloud platform for command and control, embedding code within image files, and retrieving payloads from paste sites. The final payload is likely an information stealer, highlighting the importance of exercising caution when downloading software, even from sponsored results.

Date

Published: May 28, 2024, 5:43 p.m.

Created: May 28, 2024, 5:43 p.m.

Modified: May 28, 2024, 5:59 p.m.

Indicators

b8ae9aa480f958312b87877d5d44a9c8eac6a6d06a61ef7c51d4474d39357edb

3e22ed74158db153b5590bfa661b835adb89f28a8f3a814d577958b9225e5ec1

34f4d749af50678a0bda6f38b0c437de3914a005f0d689aa89769c8c9cb8b264

018dba31beac15518027f6788d72c03f9c9b55e0abcd5a96812740bcbc699304

6c30c8a2e827f48fcfc934dd34fb2cb10acb8747fd11faae085d8ad352c01fbf

185.156.72.56

theflyingpeckerheads.com

aircl.net

ailrc.net

Attack Patterns

T1024

T1059.007

T1497

T1105

T1543

T1033

T1027

T1053

T1059