Multi-Stage Cyberattack Campaign Uses RAR Archives to Target Thailand's Healthcare Sector
By
Seqrite
Summary
Seqrite TRU discovered a multi-stage cyberattack campaign targeting Thailand's healthcare sector. The attack uses spear-phishing emails with RAR archives containing obfuscated batch loaders, GitHub-hosted payloads, and a Python-based information stealer that exfiltrates data via Telegram. The campaign employs healthcare-themed lures to trick victims, establishes persistence through Windows Startup folders, and harvests browser credentials for sustained access and data theft.
Source
bskyMulti-Stage Cyberattack Campaign Uses RAR Archives to Target Thailand's Healthcare Sectorhendryadrian.comKey quotes
· 2 pulledSeqrite TRU uncovered a multi-stage campaign targeting Thailand's healthcare sector with spear-phishing RAR archives, obfuscated batch loaders, GitHub-hosted payloads, and a Python stealer that attempts Telegram-based exfiltration.
The operation used healthcare-themed lures, Startup-folder persistence, and browser credential harvesting to sustain access and steal data.
You might also wanna read
Suspected China-Nexus Hackers Use Fake Indian Tax Filing Utility to Deploy DcRAT
VEIL#DROP Malware Chain Uses Blogger Platform to Deliver PureLogs Stealer
Iran-Backed Hackers Claim Data-Wiping Attack on Medical Technology Company Stryker
Iran-linked hacktivist group claims responsibility for a data-wiping cyberattack against medical technology company Stryker, causing operati
Safeguard your healthcare data with Synology ActiveProtect
Suspected China-Nexus Hackers Use Fake Indian Tax Filing Utility to Deploy DcRAT
Change Healthcare Cyberattack Exposes Data of 190 Million People in Largest U.S. Health Data Breach
The Change Healthcare cyberattack, first detected in February 2024, has become the largest exposure of personal health data in U.S. history,
morningoverview.com·4mo ago
Comments
Sign in to join the conversation.
No comments yet. Be the first.