Velociraptor in the Wild: How Legitimate Tools Are Becoming Cyber Villains!
Cybersecurity researchers warn of a cyber attack abusing Velociraptor, an open-source forensic tool, to create tunnels to attacker-controlled servers. This marks a tactical evolution, leveraging legitimate software for malicious purposes. Organizations should monitor for unauthorized use of Velociraptor as a potential ransomware precursor.

Hot Take:
Behold the rise of cyber Jurassic Park, where Velociraptor isn’t just a dinosaur but the latest weapon in a hacker’s arsenal. Who knew the age-old battle of good versus evil would take a prehistoric twist? I guess when life finds a way, so do cybercriminals!
Key Points:
- Cyber attackers are misusing Velociraptor, an open-source tool, to facilitate malicious activities.
- The tactic involves downloading and executing Visual Studio Code to establish a command-and-control server connection.
- Attackers leverage the msiexec utility to deploy additional tools like Radmin and a Cloudflare tunneling utility.
- Microsoft Teams is being weaponized for malware deployment, bypassing traditional email defenses.
- A new malvertising campaign uses legitimate Microsoft links to redirect users to phishing pages.
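
One way to monitor for the activity listed above, as an added example (not code from the researchers or the Velociraptor project): a Python triage pass over process-creation events. The binary names, the approved-host list, the two-signal escalation rule and the sample events are assumptions constructed for illustration.

```python
import re
from ntpath import basename  # parses Windows paths on any OS

# Assumption: hosts where the IR team itself deployed Velociraptor.
APPROVED_VELOCIRAPTOR_HOSTS = {"ir-collector-01"}
TUNNEL_ARG = re.compile(r"(^|\s)tunnel(\s|$)", re.I)

# Constructed process-creation events: (host, image path, command line).
SAMPLE_EVENTS = [
    ("ws-114", r"C:\Windows\System32\msiexec.exe", "msiexec /q /i https://files.example.invalid/v.msi"),
    ("ws-114", r"C:\Program Files\Velociraptor\Velociraptor.exe", "Velociraptor.exe --config client.config.yaml client"),
    ("ws-114", r"C:\Users\Public\code.exe", "code.exe tunnel"),
    ("ws-200", r"C:\Windows\System32\msiexec.exe", r"msiexec /i C:\Temp\local.msi"),
    ("ws-201", r"C:\Tools\code.exe", r"code.exe C:\notes\tunnel-notes.txt"),
    ("ir-collector-01", r"C:\Program Files\Velociraptor\Velociraptor.exe", "Velociraptor.exe --config client.config.yaml client"),
]

def classify(host, image_path, cmd):
    """Return the names of the heuristics one event matches."""
    image = basename(image_path).lower()
    hits = []
    # msiexec pulling a package straight from a URL instead of a local path
    if image == "msiexec.exe" and re.search(r"https?://", cmd, re.I):
        hits.append("msiexec_remote_package")
    # Velociraptor running where the defenders did not deploy it
    if image.startswith("velociraptor") and host not in APPROVED_VELOCIRAPTOR_HOSTS:
        hits.append("velociraptor_unapproved_host")
    # Visual Studio Code or cloudflared started in tunnel mode
    if image == "code.exe" and TUNNEL_ARG.search(cmd):
        hits.append("vscode_tunnel")
    if image == "cloudflared.exe" and TUNNEL_ARG.search(cmd):
        hits.append("cloudflared_tunnel")
    if "radmin" in image:
        hits.append("radmin_present")
    return hits

def triage(events):
    """Return (hits per host, hosts matching two or more distinct heuristics)."""
    per_host = {}
    for host, image_path, cmd in events:
        for rule in classify(host, image_path, cmd):
            per_host.setdefault(host, set()).add(rule)
    flagged = {h: sorted(r) for h, r in per_host.items()}
    escalate = sorted(h for h, r in per_host.items() if len(r) >= 2)
    return flagged, escalate

if __name__ == "__main__":
    print(triage(SAMPLE_EVENTS))
```

Each heuristic alone is noisy on hosts where these tools are in legitimate use; the per-host grouping is what separates a sanctioned deployment from the combination the researchers describe.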