Attackers are delivering the Astaroth info-stealing backdoor by leveraging a combination of fileless malware and “living off the land” techniques, Microsoft’s security team warns.
The campaign
Throughout the attack chain, the only tools and utilities used are those already present on most Windows systems: WMIC, BITSAdmin, Certutil, Regsvr32 and Userinit.
The attack starts with spear-phishing emails targeting employees and tricking them into following the included link to an arc ..