Adversaries Leverage Social Media to Disseminate New Python-Based Stealer

Summary:

A recently identified malicious campaign uses WinRAR archive files with minimal detection to execute a multi-stage attack. The payload, known as Editbot, is a newly discovered Python-based stealer designed to extract process information and data stored in web browsers, including passwords, cookies, and other web-related information. The stolen data is then exfiltrated to the threat actors through a Telegram channel.

Threat Level – Red | Attack Report
