Blog | G5 Cyber Security

Fractured Block Campaign: CARROTBAT dropper dupports a dozen decoy document formats

Palo Alto Networks have discovered a malware dropper, dubbed CARROTBAT, that could support a dozen decoy document file formats to drop many payloads. The dropper was first discovered in March 2018, in the past three months experts observed an intensification of the activity associated with the dropper. The malware was spotted while threat actors were using it to drop payloads in South and North Korea region, attackers were using subjects such as crypto-currencies, crypto-currency exchanges, and political events for the decoy documents.”]

Source: https://securityaffairs.co/wordpress/78703/malware/carrotbat-dropper-campaign.html

Exit mobile version