RussianPanda 🐼 🇺🇦
@RussianPanda9xx
Senior Threat Intelligence Researcher at @esthreat | Threat Hunter | Malware Addict
15-09-2021 23:22:01
I am naming this #RogueRaticate campaign that leverages URL shortcuts to drop #NetSupportRAT
1/
➡️ The user is getting infected via a drive-by download with the fake update screen (similar to SocGholish behavior). The initial payload is hosted on compromised WordPress