VCURMS and STRRAT Trojans Using AWS and GitHub as Launchpads

Threat Level – Amber | Vulnerability Report
Download PDF

A sophisticated phishing campaign is targeting personnel, enticing them to click on a seemingly innocuous button to authenticate payment details. However, this action initiates the download of a harmful JAR file from Amazon Web Services (AWS) onto the victim’s device. This malicious file serves as a gateway for installing a Java downloader, with the intent of distributing VCURMS and STRRAT remote access trojans (RATs).

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox