An espionage campaign leverages a previously unknown strain of malware dubbed DownEx.
The HTA file, for its part, is designed to establish contact with a remote command-and-control (C2) server to retrieve a next-stage payload.
Government organizations in Central Asia are the target of a sophisticated espionage campaign that leverages an older, previously undiscovered strain of malicious software called DownEx.
This is a fileless attack – the DownEx script is executed in memory and never touches the disk, Bitdefender said.
The Romanian cybersecurity firm said it first detected the malware in a highly targeted attack aimed at foreign government institutions in Kazakhstan in late 2022.
While the exact nature of the malware is not known, it’s said to be a backdoor to establish persistence.