“The threat group’s motivations are currently unknown, but we suspect that the group is financially motivated based on the seemingly industry-agnostic leading to ransomware activity.” Researchers said, the DLL sample did not execute the VBScript when run by itself. However, when run with Mshta.exe – a Windows-native utility designed to execute Microsoft HTML Application (HTA) files – the Mshta.exe utility would locate and execute the VBScript without any issues. This… Source link
Read More »Attackers Use SEO Poisoning to Spread Malware, Steal Credentials
