Tag: installer
4 attack reports | 0 vulnerabilities
Attack reports
HijackLoader evolution: abusing genuine signing certificates
A report by HarfangLab EDR and MITRE ATT&CK on the threat posed by the Lumma Stealer malware, published on 11 October, 2024, outlines the tactics used to deploy the malware.
Downloadable IOCs 69
Malicious Inauthentic Falcon Crash Reporter Installer Distributed to German Entity
On July 24, 2024, CrowdStrike Intelligence identified an unattributed spearphishing attempt delivering an inauthentic installer impersonating CrowdStrike's Crash Reporter through a website targeting a German entity. The site utilized JavaScript obfuscation to deliver the malicious installer, which …
Downloadable IOCs 5
Warning Against the Distribution of Malware Disguised as Software Cracks
This advisory cautions about the distribution of malware masquerading as crack programs for software. The malicious actors aim to prevent the installation of V3 Lite, an anti-malware solution, by terminating its installation process. This tactic allows them to maintain persistence and continue upda…
Downloadable IOCs 1
CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack
Rapid7 discovered that version 8.3.7 of the JAVS Viewer software from Justice AV Solutions contained a backdoor installer allowing attackers to gain remote control over affected systems. The malicious installer included a binary named fffmpeg.exe which executed obfuscated PowerShell scripts and fac…
Downloadable IOCs 10