A new attack that injected its payloaddubbed “Krakeninto the Windows Error Reporting (WER) service as a defense evasion mechanism. This campaign started with a phishing attack enticing victims with a workers compensation claim. It is followed by the CactusTorch framework to perform a fileless attack followed by several anti-analysis techniques. This attack is not the first case of such a technique. It was observed before with NetWire RAT and even the Cerber ransomware.”]
Source: https://blog.malwarebytes.com/malwarebytes-news/2020/10/kraken-attack-abuses-wer-service/