Ongoing global malware attack campaign seeks network compromise

Organizations in the Americas, Europe, and Asia have been targeted by the ongoing FROZEN#SHADOW attack campaign, which distributes the stealthy SSLoad malware alongside Cobalt Strike and ConnectWise ScreenConnect software to compromise networks, reports The Hacker News.

Intrusions began with phishing emails containing links that fetch a JavaScript file, which triggers the execution of an MSI installer that installs the SSLoad malware. Cobalt Strike and ScreenConnect are then installed, enabling complete remote access to impacted systems, according to a Securonix report. Aside from exfiltrating sensitive system data and user credentials, threat actors have also used the tools to infiltrate other network systems and the targets' Windows domain, researchers said.

"With this level of access, they could get into any connected machine within the domain," the researchers said. "In the end, this is the worst case scenario for any organization as this level of persistence achieved by the attackers would be incredibly time-consuming and costly to remediate," added researchers.