silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,154
A malicious campaign targeting corporations from all over the world was observed while using a combination of pages hosted on Bit.ly, BlogSpot, and Pastebin to deliver Azorult and RevengeRAT malware.
The command-and-control (C2) storage infrastructure used by the campaign dubbed MasterMana by Prevailion researchers who spotted it allows the threat actors behind the attacks to conceal malicious traffic from security solutions.
"Based upon exhibited tactics, techniques, and procedures (TTPs), we have associated it — with moderate confidence — to the 'Gorgon Group', a well known group active for numerous years and attributed with multiple ongoing malicious campaigns," says Prevailion's report.
Threat Group Uses Bit.ly, BlogSpot, Pastebin to Deliver Trojans, RATs
A malicious campaign targeting corporations from all over the world was observed while using a combination of pages hosted on Bit.ly, BlogSpot, and Pastebin to deliver Azorult and RevengeRAT malware.
www.bleepingcomputer.com