As Discord is gaining extreme popularity among online user communities, with 150 million people using it as of 2021, hackers are turning their sights to this chat, VoIP, and digital distribution platform. The possible attack surface is vast and promising, allowing threat actors to abuse Discord for malware distribution and other nefarious actions.

Recently, security researchers have revealed yet another malware exploiting the trending Discord attack kill chain. Particularly, hackers abuse the Discord CDN (Content Distribution Network) to drop a plethora of remote access Trojans with the help of a novel SYK crypter.

Detect SYK Crypter

Detect the malicious activity associated with the highly evasive SYK crypter malware by leveraging a dedicated Sigma rule provided by our prolific Threat Bounty author Osman Demir. Access the Sigma rule translated into 23 SIEM, EDR & XDR formats via the link below:

Suspicious Syk Crypter Execution with Powershell (via cmdline)

To reach more curated detection content addressing the emerging threats and get the full context enriched with MITRE ATT&CK references, CTI links, and other valuable metadata, you are most welcome to explore the Threat Detection Marketplace repository powered by SOC Prime's Detection as Code platform.

Are you an established professional in threat hunting and detection engineering? Monetize your advanced cybersecurity skills by joining our Threat Bounty Program. Submit your Sigma, Yara, or Snort rules, get them published to our platform, and receive repeated payouts while contributing to collaborative cyber defense.

SYK Crypter Attack Chain

According to the research by Morphisec, SYK Crypter operators haven't missed a chance to leverage a popular Discord attack chain for malware distribution. In May 2022, security experts reported multiple SYK Crypter infections conducted with the help of Discord CDN. Particularly, the attack starts with a phishing email with a malicious file attached. The file is masquerading as a legitimate purchase order, but if opened, it triggers the infection chain.