VCURMS and STRRAT Trojans Using AWS and GitHub as Launchpads
VCURMS and STRRAT Trojans Using AWS and GitHub as Launchpads
Summary:
A sophisticated phishing campaign is targeting personnel, enticing them to click on a seemingly innocuous button to authenticate payment details. However, this action initiates the download of a harmful JAR file from Amazon Web Services (AWS) onto the victim’s device. This malicious file serves as a gateway for installing a Java downloader, with the intent of distributing VCURMS and STRRAT remote access trojans (RATs).
Threat Level – Amber | Attack Report
For a detailed threat advisory, download the pdf file here
To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.