Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
New ServHelper Backdoor and FlawedGrace RAT Pushed by Necurs Botnet
#1
Quote:Malware researchers discovered two new malware families distributed through phishing campaigns last year from the Necurs botnet: ServHelper backdoor with two variants and FlawedGrace remote access trojan (RAT).
The threat actor continues to target organizations in the financial and retail sectors, the researchers say, using Microsoft Word, Microsoft Publisher, and PDF files pull the malware on the victim computer host.


Necurs campaigns deliver ServHelper

A first salvo of malicious messages was shot on November 9, 2018. It was a small campaign with several thousand emails delivering Word and Publisher documents laced with hostile macros.

A larger campaign with tens of thousands of emails occurred six days later and carried messages with .DOC, .PUB, and .WIZ documents, all specific to the same Microsoft Office components mentioned above.

https://www.bleepingcomputer.com/news/se...rs-botnet/
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Taiwanese Government Warns of Hidden Backdoor in D-Link Routers mrtrout 0 343 06-18-2024 , 07:25 AM
Last Post: mrtrout
  What is a Botnet? Bitdefender mrtrout 0 616 06-22-2023 , 10:13 PM
Last Post: mrtrout
  Mirai botnet targets 22 flaws in D-Link, Zyxel, Netgear devices mrtrout 0 568 06-22-2023 , 10:05 PM
Last Post: mrtrout
  Amadey malware pushed via software cracks in SmokeLoader campaign mrtrout 0 856 07-25-2022 , 01:23 AM
Last Post: mrtrout
  New SideWalk Backdoor Targeting U.S. Computer Retailers mrtrout 0 1,776 08-27-2021 , 01:22 AM
Last Post: mrtrout



Users browsing this thread: 1 Guest(s)