Download Sense Purpose (2010) Rar
A Chinese APT, dubbed LuminousMoth by Kaspersky, has been discovered spreading fake Zoom software to spy on targets in Southeast Asia since at least October 2020. The earliest sightings of this ongoing campaign were in Myanmar, but the attackers now appear much more active in the Philippines and have an interest in targeting government entities. LuminousMoth's activities and tactics appear to overlap with those of Mustang Panda, and it uses two infection vectors in these attacks. The first provides initial access to a system through a spearphishing email containing a Dropbox download link. The second comes into play after the first has succeeded: the malware attempts to spread by infecting removable USB drives. The attackers deploy a post-exploitation tool that impersonates Zoom software and carries a valid digital signature, using it to scan compromised systems for files with pre-defined extensions, which are then copied and transferred to a C2 server. On some compromised systems, the attackers also deployed another post-exploitation tool that steals cookies from the Chrome browser in order to hijack and impersonate the targets' Gmail sessions. The attacks in this campaign are clearly very large-scale and affect a wide range of targets, with the ultimate goal of compromising a few that are of particular interest.