Tag: aes encryption

3 Attack Reports | 0 Vulnerabilities

Attack reports

VHDs Used to Distribute VenomRAT and Other Malware

A phishing campaign is utilizing virtual hard disk (VHD) image files to deliver VenomRAT malware. The attack begins with a purchase order-themed email containing a ZIP archive with a VHD file. When opened, the VHD mounts as a drive and executes a heavily obfuscated batch script. This script employs…
obfuscation
phishing
powershell
persistence
venomrat
keylogger
aes encryption
2025-03-14
vhd
Published: March 14, 2025
Downloadable IOCs: 0

ToxicPanda: a new banking trojan from Asia hit Europe and LATAM

A new Android banking Trojan called ToxicPanda has emerged, targeting Europe and Latin America. Originating from Chinese-speaking threat actors, it has infected over 1500 devices across Italy, Portugal, Spain, and other countries. ToxicPanda exploits accessibility services for account takeovers and…
android
banking trojan
aes encryption
c2 infrastructure
chinese threat actors
2024-11-06
tgtoxic
latin america
on-device fraud
toxicpanda
accessibility abuse
europe
Published: November 6, 2024
Downloadable IOCs: 19

Silent Intrusions: Godzilla Fileless Backdoors Targeting Atlassian Confluence

Trend Micro researchers have identified a new attack vector exploiting CVE-2023-22527 in older versions of Atlassian Confluence Data Center and Server. The attack deploys an in-memory fileless backdoor known as the Godzilla webshell, which uses AES encryption for communication and remains memory-re…
godzilla
remote code execution
2024-09-02
aes encryption
CVE-2023-22527
atlassian confluence
fileless backdoor
in-memory
Published: September 2, 2024
Downloadable IOCs: 0
Click here to see more Attack Reports