CIO News Hubb

Earth Bogle Campaign Unleashes NjRAT Trojan on Middle East and North Africa

By admin, January 18, 2023, in Information Security


Jan 18, 2023Ravie LakshmananCyber Threat / Malware

An ongoing campaign dubbed Earth Bogle is leveraging geopolitical-themed lures to deliver the NjRAT remote access trojan to victims across the Middle East and North Africa.

“The threat actor uses public cloud storage services such as files[.]fm and failiem[.]lv to host malware, while compromised web servers distribute NjRAT,” Trend Micro said in a report published Wednesday.

Phishing emails, typically tailored to the victim’s interests, are loaded with malicious attachments to activate the infection routine. This takes the form of a Microsoft Cabinet (CAB) archive file containing a Visual Basic Script dropper to deploy the next-stage payload.

Alternatively, it’s suspected that the files are distributed via social media platforms such as Facebook and Discord, with the threat actor in some cases even creating bogus accounts to serve ads on pages impersonating legitimate news outlets.

The CAB files, hosted on cloud storage services, also masquerade as sensitive voice calls to entice the victim into opening the archive, only for the VBScript to be executed, leading to the retrieval of another VBScript file that masks itself as an image file.
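
For attachment or download triage of the chain described above, the following added example (not from the article or from Trend Micro's report) reads the member names out of a CAB file's header records, flags script droppers, and checks whether a file named as an image actually begins with image magic bytes. The sample cabinet, file names and extension lists are constructed for illustration.

```python
import struct

SCRIPT_EXTS = (".vbs", ".vbe", ".js", ".jse", ".wsf", ".ps1", ".hta")  # assumed blocklist
IMAGE_MAGIC = {".png": b"\x89PNG\r\n\x1a\n", ".jpg": b"\xff\xd8\xff",
               ".jpeg": b"\xff\xd8\xff", ".gif": b"GIF8"}

def cab_members(data: bytes) -> list[str]:
    """Return member file names from a cabinet's CFHEADER/CFFILE records."""
    if len(data) < 36 or data[:4] != b"MSCF":
        raise ValueError("not a Microsoft Cabinet file")
    coff_files, = struct.unpack_from("<I", data, 16)  # offset of first CFFILE
    c_files, = struct.unpack_from("<H", data, 28)     # number of CFFILE entries
    names, pos = [], coff_files
    for _ in range(c_files):
        name_end = data.find(b"\x00", pos + 16)       # name follows 16 fixed bytes
        if name_end == -1:
            raise ValueError("truncated CFFILE entry")
        names.append(data[pos + 16:name_end].decode("utf-8", "replace"))
        pos = name_end + 1
    return names

def script_members(data: bytes) -> list[str]:
    """Members whose extension marks them as directly executable scripts."""
    return [n for n in cab_members(data) if n.lower().endswith(SCRIPT_EXTS)]

def is_fake_image(name: str, content: bytes) -> bool:
    """True when the name claims an image type but the bytes lack its magic."""
    for ext, magic in IMAGE_MAGIC.items():
        if name.lower().endswith(ext):
            return not content.startswith(magic)
    return False

def build_sample_cab(names: list[str]) -> bytes:
    """Constructed header-only cabinet (no folder data), for demonstration."""
    entries = b"".join(struct.pack("<IIHHHH", 0, 0, 0, 0, 0, 0x20)
                       + n.encode() + b"\x00" for n in names)
    header = struct.pack("<4sIIIIIBBHHHHH", b"MSCF", 0, 36 + len(entries),
                         0, 36, 0, 3, 1, 0, len(names), 0, 0, 0)
    return header + entries

if __name__ == "__main__":
    cab = build_sample_cab(["voice_call.vbs", "readme.txt"])  # constructed names
    print("script members:", script_members(cab))
    print("fake image:", is_fake_image("photo.png", b"Set o = CreateObject("))
```
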


The second-stage VBScript, for its part, fetches from an already breached domain a PowerShell script that’s responsible for loading the RAT payload into memory and executing it.

NjRAT (aka Bladabindi), first discovered in 2013, has myriad capabilities that allow the threat actor to harvest sensitive information and gain control over compromised computers.

“This case demonstrates that threat actors will leverage public cloud storage as malware file servers, combined with social engineering techniques appealing to people’s sentiments such as regional geopolitical themes as lures, to infect targeted populations,” the researchers concluded.

© CIO News Hubb All rights reserved.
