G DATA Security Lab has discovered a sophisticated malware operation that used Bitbucket, a popular code hosting platform, to propagate AsyncRAT, a well-known remote access trojan.
According to the study, the attackers employed a multi-stage assault strategy, exploiting Bitbucket to host and disseminate malware payloads while circumventing detection.
The malware operators employed multiple layers of Base64 encoding to obfuscate the code and hide the true nature of the assault. “After peeling back those layers we were able to uncover the full story and key indicators of compromise (IOCs) we found while analyzing the AsyncRAT payload delivery,” the report explains.
Bitbucket’s trustworthy reputation as a software development platform has made it a popular target for attackers. The perpetrators employed Bitbucket repositories to host a variety of malicious payloads, including the AsyncRAT.
“Attackers have turned to Bitbucket, a popular code hosting platform, to host th
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: