Adversaries Leverage Social Media to Disseminate New Python-Based Stealer
Summary:
A recently identified malicious campaign involves the use of WinRAR archive files with minimal detection to execute a multi-stage attack. The payload, known as Editbot, is a newly discovered Python-based stealer. Editbot is specifically designed to extract process information and data stored in web browsers, including passwords, cookies, and other web-related information. The stolen data is then exfiltrated to threat actors through a Telegram channel.
Threat Level – Red | Attack Report