Security News > 2024 > April > New Latrodectus malware attacks use Microsoft, Cloudflare themes
Latrodectus malware is now being distributed in phishing campaigns using Microsoft Azure and Cloudflare lures to appear legitimate while making it harder for email security platforms to detect the emails as malicious.
Latrodectus is an increasingly distributed Windows malware downloader first discovered by Walmart's security team and later analyzed by ProofPoint and Team Cymru that acts as a backdoor, downloading additional EXE and DLL payloads or executing commands.
Based on the distribution and infrastructure, researchers have linked the malware to the developers of the widely-distributed IcedID modular malware loader.
As Latrodectus malware infections are used to drop other malware and for initial access to corporate networks, they can lead to devastating attacks.
Since Latrodectus is linked to IcedID, these attacks may lead to a wider range of malware in the future such as Cobalt Strike and we might also see partnerships with ransomware gangs.
New Latrodectus malware replaces IcedID in network breaches.
News URL
Related news
- Hackers use FastHTTP in new high-speed Microsoft 365 password attacks (source)
- WP3.XYZ malware attacks add rogue admins to 5,000+ WordPress sites (source)
- Microsoft fixes under-attack privilege-escalation holes in Hyper-V (source)
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)
- Cloudflare mitigated a record-breaking 5.6 Tbps DDoS attack (source)
- IPany VPN breached in supply-chain attack to push custom malware (source)
- Week in review: 48k Fortinet firewalls open to attack, attackers “vishing” orgs via Microsoft Teams (source)
- MintsLoader Delivers StealC Malware and BOINC in Targeted Cyber Attacks (source)
- Microsoft Teams phishing attack alerts coming to everyone next month (source)
- CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacks (source)