WARMCOOKIE Backdoor: Rising via Recruitment-Themed Phishing
Threat Level – Red | Vulnerability Report
Summary:
A newly discovered Windows malware called ‘WARMCOOKIE’ is being spread through phishing campaigns disguised as job offers. WARMCOOKIE functions as an initial backdoor, used to explore victim networks and deploy further malicious payloads. Each instance is compiled with a hard-coded C2 IP address and an RC4 key. It is also used to fingerprint machines, capture screenshots of victim machines, and deploy additional payloads.
Threat Level – Red | Attack Report