Tag: alternate data streams

2 Attack Reports | 0 Vulnerabilities

Attack reports

Cloud Atlas: Analysis of Phishing Campaign and VBShower Backdoor

The article analyzes a phishing campaign by the Cloud Atlas APT group targeting Russian organizations. It details five successful attacks on the same system over time, using malicious Microsoft Office documents to deliver the VBShower backdoor. The attackers used alternate data streams to hide mali…
backdoor
apt
phishing
microsoft office
alternate data streams
CVE-2018-0802
vbcloud
vbshower
2026-02-23
Published: February 23, 2026
Linked vulnerabilities : CVE-2018-0802
Downloadable IOCs: 10

Hidden in Plain Sight: New Attack Chain Delivers Espionage RATs

An advanced persistent threat group, TA397, targeted a Turkish defense organization with a sophisticated attack chain. The campaign used a RAR archive containing a decoy PDF, a shortcut file, and an Alternate Data Stream with PowerShell code. The infection process involved creating a scheduled task…
apt
espionage
rat
south asia
defense sector
scheduled tasks
2024-12-17
turkey
miyarat
wmrat
alternate data streams
Published: December 17, 2024
Downloadable IOCs: 0
Click here to see more Attack Reports