Microsoft warns of an ongoing spear-phishing campaign targeting aerospace and travel organizations with multiple remote access trojans deployed using a new and stealthy malware loader. The newly discovered loader monetized under a Crypter-as-a-Service model, named Snip3, is used to drop Revenge RAT, AsyncRAT, Agent Tesla, and NetWire RAT payloads on compromised systems. Microsoft observed while tracking this campaign, the threat actors’ end goal is to harvest and exfiltrate data.
Source: https://www.bleepingcomputer.com/news/security/microsoft-threat-actors-target-aviation-orgs-with-new-malware/