Hackers Utilize MSIX App Packages to Disseminate GHOSTPULSE Malware
Hackers Utilize MSIX App Packages to Disseminate GHOSTPULSE Malware
Threat Level
Attack Report
For a detailed threat advisory, download the pdf file here
Summary
A new cyber attack campaign has emerged, involving the use of fake MSIX Windows app packages masquerading as legitimate applications. These deceptive MSIX packages are employed to distribute a new malware loader known as GHOSTPULSE. It operates as a multi-stage loader, decrypting its payload and deploying various types of malware while employing advanced defense evasion techniques.
To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.