The info-stealing malware TinyNuke has re-emerged in a new campaign targeting French users with invoice-themed lures in emails sent to corporate addresses and individuals working in manufacturing, technology, construction, and business services.
The goal of this campaign is to steal credentials and other private information and install additional payloads onto a compromised system.
Re-emergence of TinyNuke
The TinyNuke malware activity first appeared in 2017, culminated in 2018, then dropped significantly in 2019, and almost faded out of existence in 2020.
Observing new attacks that deploy the particular malware strain in 2021 is surprising but not entirely unexpected.
Remcos RAT Masquerade as VeraCrypt Installers Steals Users Login Credentials
Malvertising campaign leads to info stealers hosted on GitHub
Microsoft Revokes Over 200 Certificates to Disrupt Ransomware Campaign