Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
New ServHelper Backdoor and FlawedGrace RAT Pushed by Necurs Botnet
#1
Quote:Malware researchers discovered two new malware families distributed through phishing campaigns last year from the Necurs botnet: ServHelper backdoor with two variants and FlawedGrace remote access trojan (RAT).
The threat actor continues to target organizations in the financial and retail sectors, the researchers say, using Microsoft Word, Microsoft Publisher, and PDF files pull the malware on the victim computer host.


Necurs campaigns deliver ServHelper

A first salvo of malicious messages was shot on November 9, 2018. It was a small campaign with several thousand emails delivering Word and Publisher documents laced with hostile macros.

A larger campaign with tens of thousands of emails occurred six days later and carried messages with .DOC, .PUB, and .WIZ documents, all specific to the same Microsoft Office components mentioned above.

https://www.bleepingcomputer.com/news/se...rs-botnet/
Reply


Messages In This Thread
New ServHelper Backdoor and FlawedGrace RAT Pushed by Necurs Botnet - by Mohammad.Poorya - 01-10-2019 , 06:27 PM

Possibly Related Threads…
Thread Author Replies Views Last Post
  What is a Botnet? Bitdefender mrtrout 0 434 06-22-2023 , 10:13 PM
Last Post: mrtrout
  Mirai botnet targets 22 flaws in D-Link, Zyxel, Netgear devices mrtrout 0 386 06-22-2023 , 10:05 PM
Last Post: mrtrout
  Amadey malware pushed via software cracks in SmokeLoader campaign mrtrout 0 696 07-25-2022 , 01:23 AM
Last Post: mrtrout
  New SideWalk Backdoor Targeting U.S. Computer Retailers mrtrout 0 1,348 08-27-2021 , 01:22 AM
Last Post: mrtrout
  Mozi IoT Botnet Now Also Targets Netgear, Huawei, and ZTE Network Gateways mrtrout 0 823 08-21-2021 , 10:35 PM
Last Post: mrtrout

Forum Jump:


Users browsing this thread: 1 Guest(s)