U.S. Gov Agency Targeted With Malware-Laced Emails

2020-01-23 19:08

A U.S. government agency was targeted with spear phishing emails harboring several malware strains - including a never-before-seen malware downloader that researchers call "Carrotball."

One of the malicious documents also included a new malware downloader that researchers dubbed Carrotball.

First discovered in 2014, Konni is best known for 2018 campaigns using two malware families in cyberattacks, the NOKKI malware and Carrotball.

Additional campaigns began to appear with strongly overlapping TTPs but did not feature the Konni RAT, and so some researchers started using "Konni" to refer to the threat actor instead of the malware.

The use of Carrotball is one indication linking the campaign to the threat group, as the malware has previously associated with the Konni Group.

News URL

https://threatpost.com/u-s-gov-agency-malware-laced-emails/152141/

#email #malware

News URL

Related news