Tag: info-stealer malware

CoralRaider attacks use CDN cache to push info-stealer malware
News

CoralRaider attacks use CDN cache to push info-stealer malware

In an ongoing effort that targets systems in the United States, the United Kingdom, Germany, and Japan, a threat actor has been storing information-stealing malware in a content delivery network cache. Researchers think CoralRaider, a financially motivated threat actor that targets social media accounts, financial information, and credentials, is responsible for the attack. The hackers supply info stealers LummaC2, Rhadamanthys, and Cryptbot, which are sold on dark web forums by malware-as-a-service providers in exchange for a membership charge. Cisco Talos determines that the campaign is a CoralRaider operation with a moderate degree of confidence based on common tactics, methods, and procedures (TTPs) with other assaults that the threat actor has been linked to. The first at...