In a recent report, cybersecurity researchers from the ESET cybersecurity company highlighted that malware of the Scarab ransomware family has been deployed to spread its variants across global victim organizations using a malicious toolset named Spacecolon.
ESET has issued an advisory about the vulnerability of the toolset that may allow targeted attackers to penetrate victim organizations by exploiting commonly vulnerable web servers or using brute-force attacks against Remote Desktop Protocol (RDP) credentials to gain entry into victim organizations. As a result of ESET’s investigation, it was also discovered that certain Spacecolon versions include Turkish strings, which suggests that a Turkish-speaking developer was involved in the development of these versions.
According to a detailed technical report released on August 22, 2023, by ESET security researcher Jakub Souek, the Spacecolon malicious toolkit is being used by a cyber campaign that is targeting organizations all over the world to spread various variants of the Scarab ransomware, and it is targeting anti-torture organizations in particular.
As of May 20, 2023, the most recent build of Spacecolon has been carried out, and the roots of the project can be traced back to as early as May 2020. Despite extensive tracking and analysis, ESET does not yet have an explanation as to what threat actor group is likely to be using the
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: