A toolset called Spacecolon is being deployed as part of an ongoing campaign to spread variants of the Scarab ransomware.
The Slovak cybersecurity firm, which dubbed the threat actor CosmicBeetle, said the origins of the malware date back to May 2020.
The ultimate goal of the attacks is to leverage the access afforded by ScService to deliver a variant of the scarab ransomware.
It leaves plenty of artifacts on compromised systems.
According to the firm, attackers use tools like ScHackTool mainly to download additional tools of choice to their compromised machines and run them as they see fit.
The author of the malicious writes that the attacker, whose code he refers to as cosmicbeetle, does not make much effort to hide its malware and leaves many artifacts on affected systems.
๐ Feeling the vibes?
Keep the good energy going by checking out my Amazon affiliate link for some cool finds! ๐๏ธ
If not, consider contributing to my caffeine supply at Buy Me a Coffee โ๏ธ.
Your clicks = cosmic support for more awesome content! ๐๐
Leave a Reply