Security News > 2020 > January > Drake Lyrics Used as Calling Card in Malware Attack
A hacker with the handle "Master X" leverages a PowerShell script that contains a reference to singer-songwriter Drake lyric's "Kiki Do You Love Me" and ultimately delivers a malicious payload to its victims.
Pickett said the script uses Windows native Microsoft HTML application host called "Mshta.exe" to reach out to a Bitly shortened link as a way to circumvent browser defense controls.
Exe is typically used to execute HTML applications and can assist scripts to run in a Windows system.
Exe is used to reach out to plain-text sharing site Pastebin.com to retrieve an encoded script.
"Kiki Do You Love Me". Once the hacker, Master X, is successful in pulling down the Pastebin code it is translated into a PowerShell script that contains a reference to Drake's "Kiki Do You Love Me" lyrics from his hit song In My Feelings.
News URL
https://threatpost.com/drake-lyrics-used-as-calling-card-in-malware-attack/151665/
Related news
- Hackers Use Fake GlobalProtect VPN Software in New WikiLoader Malware Attack (source)
- New Cross-Platform Malware KTLVdoor Discovered in Attack on Chinese Trading Firm (source)
- Chinese hackers use new data theft malware in govt attacks (source)
- NoName ransomware gang deploying RansomHub malware in recent attacks (source)
- Iranian Cyber Group OilRig Targets Iraqi Government in Sophisticated Malware Attack (source)
- CISA warns of Windows flaw used in infostealer malware attacks (source)
- Binance Warns of Rising Clipper Malware Attacks Targeting Cryptocurrency Users (source)
- Hackers deploy AI-written malware in targeted attacks (source)
- N. Korean Hackers Deploy New KLogEXE and FPSpy Malware in Targeted Attacks (source)
- New RomCom malware variant 'SnipBot' spotted in data theft attacks (source)