“NF-eletronica”, “visualizar boleto” and also the parameter names used in the data exfiltration.ĬloudSquirrel malware typically arrives on the user’s machine as an attachment or a link via email. Primarily affecting Brazilian users based on the facts – file names e.g.Infects users by downloading malicious payloads ( 32 bit and 64 bit executables) that collects information about the victim’s machines including the victim’s email account credentials configured in native email clients.Uses DropBox for its C&C (command and control) server.Uses a variety of cloud services to download its main payload.Listed below are the activities seen in the CloudSquirrel malware campaign: We will talk about technical details in this blog. Last week we posted an article, giving an overview about the CloudSquirrel malware campaign that takes advantage of multiple cloud apps throughout the kill chain with the intent to steal and exfiltrate user data. Visual depiction of the life cycle of the Cloud Squirrel Attack
0 kommentar(er)
