An unknown attacker is using an off-the-shelf malware downloader called PureCrypter to target government entities in Asia-Pacific and North America. The attacker is using a compromised non-profit organization’s domain as a command-and-control center to deliver a secondary payload that can include RedLine Stealer, Agent Tesla, Eternity, Blackmoon, and Philadelphia ransomware. PureCrypter was first documented in June 2022 and is sold for $59 for one-month access or $245 for a one-time lifetime purchase. The use of off-the-shelf malware tools suggests that the threat actor behind the campaign may not be highly skilled, making the attacks all the more concerning. Organizations should take steps to protect themselves, such as implementing email filtering and two-factor authentication, to reduce the risk of a successful attack. The increasing frequency of targeted attacks against governments and other high-profile organizations highlights the need for increased cybersecurity measures.
Source: The Hacker News
To mitigate potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA (www.infrascan.net), or you can try it yourself using check.website.