“Totally Unexpected” Package Malware Using Modified Notepad++ Plug-in (WikiLoader) asec.ahnlab.com/en/64106/ #Pentesting #Malware #CyberSecurity #Infosec
Out of the Sandbox: WikiLoader Digs Sophisticated Evasion proofpoint.com/us/blog/threat… #Pentesting #Sandbox #CyberSecurity #Infosec
Too in #italy #WikiLoader - #TA544 #quickbooks
'Invoice Reminder: Your payment to Allen&Overy LLP '
EML>PDF>url>zip>js>js>dll
⚠️zip Url
https[:]//infplaute[.]com/international-commercial
❇️Samples
bazaar.abuse.ch/browse/tag/Wik…
WikiLoader, malware that compromises Notepad++: C2 communication via DLL hijacking
iototsecnews.jp/2024/04/14/pop…
#AhnLab #CyberAttack #DLLHijacking #Malware #Notepad #RAT #Scammer #TTP #WikiLoader
2024-01-17 (Wednesday): Emails push #WikiLoader through PDF attachments. Some indicators available at bit.ly/3tXa2Ko
#Unit42ThreatIntel #TimelyThreatIntel #IndicatorsOfCompromise #Wireshark #InfectionTraffic