An updated version of a malware loader called BLISTER is being used as part of SocGholish’s infection chains to distribute an open-source command-and-control framework called Mythic.
This follows a similar use reported by Palo Alto Networks Unit 42 in July 2023.
The company had previously discovered the malware in December 2021 acting as a conduit to distribute Cobalt Strike and BitRAT payloads on compromised systems.
BLISTER was first uncovered by the company in December 21st, using its own code to distribute Cobalt Strike and other malware.
A closer analysis of the malware shows that it’s being actively maintained, with the malware authors incorporating a slew of techniques to fly under the radar and complicate analysis.
Examples of these techniques include disguising the appearance of a single file as a whole and hiding its presence within a legitimate media player library.