"Global Enterprises Hit by Steganography Malware Attacks"
The threat actor TA558 has been using steganography to deliver various malware including Agent Tesla, FormBook, Remcos RAT, and others, with a campaign codenamed SteganoAmor. They have targeted sectors in Latin American countries and other regions, while also deploying Venom RAT via phishing attacks in several countries. The group has been observed using compromised SMTP servers and infected FTP servers to stage attacks and steal data. Additionally, another hacking group, Lazy Koala, has been targeting government organizations with a malware called LazyStealer, potentially linked to the group YoroTrooper. This activity is part of a broader trend of social engineering campaigns to spread malware.
- TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks The Hacker News
- New SteganoAmor attacks use steganography to target 320 orgs globally BleepingComputer
- A sneaky new steganography malware is exploiting Microsoft Word — hundreds of firms around the world hit by attack TechRadar
- Steganography leveraged in new global TA558 attack campaign SC Media
- Steganography Campaign Targets Global Enterprises BankInfoSecurity.com
Reading Insights
0
1
2 min
vs 3 min read
79%
497 → 103 words
Want the full story? Read the original article
Read on The Hacker News