Malware

Infostealers deployed via leaked Shellter red team tool exploitation BleepingComputer reports that attacks leveraging a leaked copy of Shellter Project's commercial AV/EDR evasion loader tool Shellter Elite have been launched by several threat actors to facilitate the distribution of the Arechclient2, Lumma, and Rhadamanthys information-stealing payloads since April.

Threat actors have been exploiting search engine optimization poisoning techniques to promote bogus utility websites that facilitate Oyster malware loader distribution as part of a new malvertising campaign, according to The Hacker News.

More threat actors have been leveraging digitally signed drivers and other services to compromise Windows systems with kernel-level malware while circumventing Microsoft's safeguards, including Hypervisor-Protected Code Integrity, PatchGuard, and Driver Signature Enforcement, reports GBHackers News.

The campaign distracts victims from its malicious nature using benign decoy documents.

Qwizzserial malware has been spread by attackers masquerading as government agencies through Telegram channels purporting to be for financial aid, a Group-IB analysis revealed.

Intrusions commence with communications in Telegram, followed by the delivery of email and Calendly invites containing a bogus Zoom SDK update, which contains the NimDoor malware, a report from SentinelOne's SentinelLabs researchers showed.

Russia-based bulletproof hosting (BPH) service offers no-questions-asked access to servers.

Highly similar infrastructure and techniques have been leveraged by Russia-linked hacking operation TA829 and threat cluster UNK_GreenSec in ongoing malware campaigns, reports The Hacker News.