Microsoft patches a vulnerability that was used in MysterySnail RAT Campaign

Threat Level – Red | Vulnerability Report
Download PDF

For a detailed advisory, download the pdf file here.

An APT espionage campaign leveraged a zero-day exploit for Microsoft Windows to escalate privileges and obtain access to Windows servers. The exploit chain culminated in the installation of a newly discovered remote access trojan (RAT) called MysterySnail on compromised servers with the purpose of stealing data. The flaw (CVE 2021 40449) was fixed as part of Microsoft’s October Patch Tuesday upgrades, which were released this week.

Vulnerability Details

Actor Details

Indicators of Compromise (IoCs)

Patch Link


What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox