Search cyberveille.decio.ch

Found 3 bookmarks

Newest

DarkGate Opens Organizations for Attack via Skype, Teams

From July to September, we observed the DarkGate campaign (detected by Trend Micro as TrojanSpy.AutoIt.DARKGATE.AA) abusing instant messaging platforms to deliver a VBA loader script to victims. This script downloaded and executed a second-stage payload consisting of a AutoIT scripting containing the DarkGate malware code. It’s unclear how the originating accounts of the instant messaging applications were compromised, however is hypothesized to be either through leaked credentials available through underground forums or the previous compromise of the parent organization.

#trendmicro #EN #2024 #malware #DarkGate #Skype #Teams

·trendmicro.com·Mar 14, 2024

DarkGate Opens Organizations for Attack via Skype, Teams

BattleRoyal, DarkGate Cluster Spreads via Email and Fake Browser Updates

Overview Throughout the summer and fall of 2023, DarkGate entered the ring competing for the top spot in the remote access trojan (RAT) and loader category. It was observed in use by multiple cybe...

#proofpoint #EN #2023 #BattleRoyal #DarkGate #RAT #fake #fake-updates #RogueRaticate

·proofpoint.com·Dec 22, 2023

BattleRoyal, DarkGate Cluster Spreads via Email and Fake Browser Updates

Battling a new DarkGate malware campaign with Malwarebytes MDR

First publicly reported in 2018, DarkGate is a Windows-based malware with a wide-range of capabilities including credential stealing and remote access to victim endpoints. Until recently, it was only seen being delivered through traditional email malspam campaigns. In late August 2023, however, researchers at Trusec found evidence of a campaign using external Teams messages to deliver the DarkGate Loader.

#malwarebytes #EN #2023 #DarkGate #malware

·malwarebytes.com·Oct 24, 2023

Battling a new DarkGate malware campaign with Malwarebytes MDR