#scrubcrypt — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #scrubcrypt, aggregated by home.social.
Fortinet reports on a recent phishing campaign containing Scalable Vector Graphics (SVG) files. The malicious attachment downloads a ZIP file and begins the infection chain. ScrubCrypt, described as an "antivirus evasion tool", is used to load the final payload VenomRAT while maintaining a connection with the C2 server to install plugins like XWorm, NanoCore, RemcosRAT and a crypto wallet stealer. They provide detailed insights into how the threat actor distributes VenomRAT and other plugins. IOC listed. 🔗 https://www.fortinet.com/blog/threat-research/scrubcrypt-deploys-venomrat-with-arsenal-of-plugins
#ScrubCrypt #VenomRAT #RemcosRAT #XWorm #NanoCore #threatintel #IOC