HomeNewsIndia faces advanced cyber espionage with novel Discord hack

India faces advanced cyber espionage with novel Discord hack

The UPX-packed ELF, other than DSOP.pdf, has the DISGOMOJI malware payload which, upon execution, reads and exfiltrates system data together with IP tackle, username, hostname, working system, and the present working listing. Aside from the primary capabilities, DISGOMOJI additionally downloads a shell script uevent_seqnum.sh, to verify for linked USB gadgets and replica the content material of these gadgets to an area folder on the contaminated system.

The analysis agency, moreover, found the marketing campaign sometimes utilizing the Soiled Pipe vulnerability (tracked as CVE-2022-0847), a privilege escalation bug that impacts BOSS9 techniques, which has wild exploits even months after a repair was rolled out.

Discord C2 for evasion

The marketing campaign makes use of a customized fork of the open supply mission discord-C2. The modified model of this mission makes use of emojis within the Discord service for DISGOMOJI’s C2 communications.

See also  10 Classes from the British Library Ransomware Attack
- Advertisment -spot_img
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -

Most Popular