March 14th, 2022: Threat Group Delivers Cobalt Strike Through AV Updates
Industry: Critical Infrastructure | Level: Strategic | Source: BleepingComputer
The Ukrainian Computer Emergency Response Team alerted users to a phishing campaign impersonating the Ukrainian government. The campaign prompts potential victims to download fraudulent “critical security updates” that ultimately deliver a Cobalt Strike beacon. The activity has been observed by the MalwareHunterTeam and is reported by BleepingComputer. The phishing email contains a malicious link that downloads an executable masquerading as “itdefenderWindowsUpdatePackag