Fortinet FortiGuard Labs discovers a novel attack chain initiated by a phishing email containing a booby-trapped PDF file.
The same attack also introduces Remcos RAT, delivered via a crypter called SYK Crypter.
Lin said the combination of XWorm and Remcos creates a formidable trojan with an array of malicious functionalities.
Similar findings from Fortinet in 2023 have been reported by other companies, such as Morphisec and Szczepanec.
In these cases, the files are presented as PDF files but contain LNK files that execute a PowerShell script to launch the Rust-based injector and display a decoy PDF document.
The novel attack was detected by Fortinet FortiGuard Labs on July 13, 2023.
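For the delivery pattern described above (files presented as PDFs that are really LNK shortcuts launching PowerShell), a content-based attachment check is one way to triage mail gateways or quarantine folders. This is an added example, not code from Fortinet or the other vendors named; the function names, the nesting limit and the sample inputs are assumptions constructed here, and it goes slightly beyond the text by also flagging any `.pdf` name whose content is not a PDF.

```python
import io
import zipfile

# Shell Link header: HeaderSize 0x4C, then LinkCLSID
# 00021401-0000-0000-C000-000000000046 (MS-SHLLINK 2.1).
LNK_MAGIC = bytes.fromhex("4c000000" "0114020000000000" "c000000000000046")
MAX_DEPTH = 2  # assumption: bound archive nesting to limit work
MAGICS = (("lnk", LNK_MAGIC), ("pdf", b"%PDF-"), ("zip", b"PK\x03\x04"))


def sniff(data: bytes) -> str:
    """Classify content by leading bytes, ignoring the file name."""
    return next((k for k, m in MAGICS if data.startswith(m)), "unknown")


def mentions_powershell(data: bytes) -> bool:
    """LNK strings may be ANSI or UTF-16LE, so search both encodings."""
    low = data.lower()
    return b"powershell" in low or "powershell".encode("utf-16-le") in low


def triage(name: str, data: bytes, prefix: str = "", depth: int = 0) -> list:
    """Return findings for one attachment, descending into ZIP members."""
    findings, kind, shown = [], sniff(data), prefix + name
    if kind == "lnk":
        if ".pdf" in name.lower():
            findings.append(f"{shown}: shortcut presented as PDF")
        if mentions_powershell(data):
            findings.append(f"{shown}: shortcut references PowerShell")
    elif kind == "zip" and depth < MAX_DEPTH:
        with zipfile.ZipFile(io.BytesIO(data)) as archive:
            for member in archive.namelist():
                findings += triage(member, archive.read(member),
                                   shown + "!", depth + 1)
    elif name.lower().endswith(".pdf") and kind != "pdf":
        findings.append(f"{shown}: .pdf name but content is {kind}")
    return findings


def build_samples():
    """Constructed inputs: a minimal LNK-like blob and a ZIP carrying it."""
    lnk = LNK_MAGIC.ljust(76, b"\0") + "powershell.exe".encode("utf-16-le")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("invoice.pdf.lnk", lnk)
        archive.writestr("readme.pdf", b"%PDF-1.7\n")
    return lnk, buf.getvalue()
```

Password-protected archives cannot be read this way and should be routed to manual review rather than treated as clean.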