Adversaries don’t work 9-5 and neither do we. At eSentire, our 24/7 SOCs are staffed with Elite Threat Hunters and Cyber Analysts who hunt, investigate, contain and respond to threats within minutes.

We have discovered some of the most dangerous threats and nation state attacks in our space – including the Kaseya MSP breach and the more_eggs malware.

Our Security Operations Centers are supported with Threat Intelligence, Tactical Threat Response and Advanced Threat Analytics driven by our Threat Response Unit – the TRU team.

In TRU Positives, eSentire’s Threat Response Unit (TRU) provides a summary of a recent threat investigation. We outline how we responded to the confirmed threat and what recommendations we have going forward.

Here’s the latest from our TRU Team…

What did we find?

Redline information stealer malware impacting a customer in the insurance industry.

The infection was initiated by a user downloading and running a fake installer for the AnyDesk software. We assess the victim arrived on anydezkiorg via a malicious advertisement while performing a web search for AnyDesk software (Figure 1). The victim downloaded and mounted a 300MB ISO file and executed the binary (AutoDesk.exe) contained within.
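The chain above has two pivots a defender can hunt for: a lookalike domain reached through a search advertisement, and an executable launched from a freshly mounted ISO. The script below is an added example, not code from eSentire or the TRU team, and its event records are constructed samples. It assumes telemetry has already been normalised into simple dictionaries with a `type` of `dns`, `iso_mount` or `proc` (in practice these would come from DNS logs, the Windows VHDMP mount log and Sysmon or EDR process-creation events); the brand allowlist, hostnames, paths and timestamps are all invented for illustration.

```python
"""Two hunting heuristics for fake-installer infections delivered via ISO:
  1. DNS queries for domains within a small edit distance of a watched brand
     that are not on that brand's legitimate-domain allowlist.
  2. Process executions whose image lives on a volume that an ISO-mount event
     surfaced on the same host shortly before.
All event data below is constructed for the example, not real telemetry.
"""
from typing import Dict, Iterable, List, Set, Tuple

# Constructed sample telemetry for one workstation (hypothetical host WS01).
SAMPLE_EVENTS = [
    {"ts": 100, "type": "dns", "host": "WS01", "query": "anydezk.org"},
    {"ts": 101, "type": "dns", "host": "WS01", "query": "anydesk.com"},
    {"ts": 102, "type": "dns", "host": "WS01", "query": "example.org"},
    {"ts": 110, "type": "iso_mount", "host": "WS01", "volume": "E:"},
    {"ts": 115, "type": "proc", "host": "WS01", "image": r"E:\AutoDesk.exe",
     "parent": r"C:\Windows\explorer.exe"},
    {"ts": 120, "type": "proc", "host": "WS01",
     "image": r"C:\Program Files\AnyDesk\AnyDesk.exe",
     "parent": r"C:\Windows\explorer.exe"},
]

# Brand name -> domains the vendor legitimately uses (assumed allowlist).
LEGIT_DOMAINS: Dict[str, Set[str]] = {"anydesk": {"anydesk.com"}}


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance using the standard two-row dynamic programme."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,            # deletion
                           cur[j - 1] + 1,         # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def registrable_label(domain: str) -> str:
    """Second-level label of a domain ('www.anydezk.org' -> 'anydezk').
    Good enough for .com/.org style names; a real deployment would use a
    public-suffix list to handle co.uk-style TLDs."""
    parts = domain.lower().rstrip(".").split(".")
    return parts[-2] if len(parts) >= 2 else parts[0]


def lookalike_domains(events: Iterable[dict],
                      legit: Dict[str, Set[str]] = LEGIT_DOMAINS,
                      max_distance: int = 1) -> List[Tuple[str, str]]:
    """Return (queried_domain, brand) pairs where the queried label is within
    max_distance edits of a watched brand but the domain is not allowlisted."""
    hits: List[Tuple[str, str]] = []
    for ev in events:
        if ev["type"] != "dns":
            continue
        query = ev["query"].lower().rstrip(".")
        label = registrable_label(query)
        for brand, allowed in legit.items():
            if query in allowed:
                continue  # the vendor's own domain, nothing to flag
            if edit_distance(label, brand) <= max_distance:
                hits.append((query, brand))
    return hits


def executions_from_mounted_iso(events: Iterable[dict],
                                window: int = 600) -> List[str]:
    """Return image paths of processes started from a volume that an ISO
    mount surfaced on the same host within `window` seconds beforehand."""
    mounts: Dict[Tuple[str, str], int] = {}  # (host, drive letter) -> mount ts
    hits: List[str] = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        if ev["type"] == "iso_mount":
            mounts[(ev["host"], ev["volume"].upper())] = ev["ts"]
        elif ev["type"] == "proc":
            drive = ev["image"][:2].upper()  # 'E:' from 'E:\AutoDesk.exe'
            mounted_at = mounts.get((ev["host"], drive))
            if mounted_at is not None and 0 <= ev["ts"] - mounted_at <= window:
                hits.append(ev["image"])
    return hits


def triage(events: Iterable[dict]) -> Dict[str, list]:
    """Run both heuristics over one event stream."""
    events = list(events)
    return {"lookalike_domains": lookalike_domains(events),
            "iso_executions": executions_from_mounted_iso(events)}


if __name__ == "__main__":
    for finding, items in triage(SAMPLE_EVENTS).items():
        print(f"{finding}: {items}")
```

Both heuristics are deliberately cheap so they can run over a day's telemetry; the ISO rule in particular is low-noise on managed endpoints because few users mount optical images in normal work, and a hit where the parent is explorer.exe (a double-click) and the binary name mimics a well-known product is exactly the pattern this investigation describes.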