
Securelist


Cloud Atlas seen using a new tool in its attacks

  • Cloud Atlas has been found to be using a previously undocumented toolset, which the group used heavily in 2024.
  • The group mostly targets Eastern Europe and Central Asia.
  • Victims get infected through phishing emails with a malicious document.
  • The HTA files in the document exploit vulnerabilities in formula editors to download and execute malware code.
  • After the download is complete, the malware adds a registry key to automatically run the 'VBShower Launcher' script.
  • VBCloud, a new tool, is being used to steal data from the infected system.
  • The VBCloud module duplicates the core functionality of VBShower and uses public cloud storage as its C2 server.
  • The group uses PowerShell scripts to perform a range of tasks on the infected system.
  • Phishing emails continue to play an important role as an initial access point.
  • Cloud Atlas has been observed attacking victims in Russia, Belarus, Canada, Moldova, Israel, Kyrgyzstan, Vietnam, and Turkey.
