Tag: nsis installer

2 Attack Reports | 0 Vulnerabilities

Attack reports

HEXON STEALER: THE LONG JOURNEY OF COPYING, HIDING, AND REBRANDING

Hexon Stealer, a malware capable of extracting sensitive information from browsers, has emerged as a rebranded version of Stealit Stealer. It utilizes the Electron framework and NSIS installer format to target browser cookies, credentials, and crypto-wallets. The malware grants full remote access t…
obfuscation
remote access
nsis installer
cryptocurrency theft
browser data theft
2024-11-23
hexon stealer
electron framework
stealit stealer
turkish developer
discord stealer
fewer stealer
Published: November 23, 2024
Downloadable IOCs: 0

Exploring the Infection Chain: ScreenConnect's Link to AsyncRAT Deployment

In June 2024, eSentire's Threat Response Unit observed several incidents involving users downloading the ScreenConnect remote access client, potentially facilitated through drive-by downloads. Threat actors exploited ScreenConnect to establish unauthorized remote sessions, ultimately deploying the …
screenconnect
asyncrat
autoit
2024-07-05
nsi script
nsis installer
Published: July 5, 2024
Downloadable IOCs: 77
Click here to see more Attack Reports