Researchers have discovered a new malware that is designed to be used with two existing exploits in order to transfer fraudulent money. According to an article published Tuesday, this malware combines ProxyLogon and ProxyShell in order to initiate these fraudulent transfers. An attempted attack that was flagged by the target’s bank just before the transaction fully completed pointed to an ongoing risk of unpatched Microsoft Exchange Servers and the use of business email compromise to trick potential targets. When recipients open a malicious file and enable macros, Cobalt Strike Beacon is executed, which gives attackers control over compromised computers, according to the report.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.