Post by CyberTech Intelligence
OilRig APT Hides Malware Config in Google Drive Image

A new cyberespionage campaign linked to OilRig hides its malware configuration inside images hosted on Google Drive to evade detection. The attack begins with a phishing Excel file that deploys fileless malware, which runs entirely in memory so that no payload is written to disk for file scanners to inspect. The malware then contacts GitHub to retrieve its instructions before downloading a seemingly harmless image from Google Drive. That image carries encrypted data embedded by steganography; once extracted and decrypted, the data directs the next stage of the attack. Command-and-control runs over Telegram, so operator commands and exfiltrated data travel inside legitimate, encrypted traffic to a widely used service instead of to attacker-owned infrastructure that could simply be blocklisted.

This campaign highlights how threat actors increasingly abuse trusted platforms (GitHub, Google Drive, Telegram) and layered evasion to bypass defenses that rely on file scanning, domain reputation and network blocklists.

Read the full news: https://lnkd.in/g2-fvJTT
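To make the steganography step concrete, here is an added worked example; it is not code from the campaign or from the linked article. It builds a small PNG, hides an encrypted configuration blob in the least-significant bit of successive colour bytes, and then recovers it the way an implant would after downloading the image. The LSB scheme, the 4-byte length prefix, the repeating-key XOR stand-in cipher, and the sample config and key are all assumptions for illustration; the post does not say which embedding or encryption the real malware uses.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"

# Constructed sample data (not from the campaign): a next-stage config of the
# kind an implant would need, and a throwaway key. The real cipher and key
# are not described in the post; repeating-key XOR stands in for them here.
SAMPLE_CONFIG = b'{"c2":"telegram","bot":"<token>","next":"stage2.bin"}'
SAMPLE_KEY = b"demo-key"

def xor_crypt(data: bytes, key: bytes) -> bytes:
    """Stand-in symmetric cipher; the same call encrypts and decrypts."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))

def _chunk(ctype: bytes, body: bytes) -> bytes:
    """One PNG chunk: big-endian length, 4-byte type, body, CRC32 over type+body."""
    crc = zlib.crc32(ctype + body) & 0xFFFFFFFF
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", crc)

def make_cover(width: int, height: int) -> bytes:
    """Synthetic RGB gradient used as the cover (a real campaign uses a real picture)."""
    px = bytearray()
    for y in range(height):
        for x in range(width):
            px += bytes(((x * 4) & 0xFF, (y * 4) & 0xFF, ((x + y) * 2) & 0xFF))
    return bytes(px)

def build_png(width: int, height: int, rgb: bytes) -> bytes:
    """Encode raw 8-bit RGB pixels as a valid PNG (filter type 0 on every scanline)."""
    stride = width * 3
    raw = b"".join(b"\x00" + rgb[r * stride:(r + 1) * stride] for r in range(height))
    ihdr = struct.pack(">IIBBBBB", width, height, 8, 2, 0, 0, 0)
    return PNG_SIG + _chunk(b"IHDR", ihdr) + _chunk(b"IDAT", zlib.compress(raw)) + _chunk(b"IEND", b"")

def parse_png(png: bytes):
    """Return (width, height, rgb) for an 8-bit RGB PNG whose scanlines are unfiltered."""
    if png[:8] != PNG_SIG:
        raise ValueError("not a PNG")
    pos, idat, width, height = 8, b"", 0, 0
    while pos + 8 <= len(png):
        length, ctype = struct.unpack(">I4s", png[pos:pos + 8])
        body = png[pos + 8:pos + 8 + length]
        if ctype == b"IHDR":
            width, height, depth, color = struct.unpack(">IIBB", body[:10])
            if depth != 8 or color != 2:
                raise ValueError("only 8-bit RGB is handled here")
        elif ctype == b"IDAT":
            idat += body          # IDAT may be split across several chunks
        pos += 12 + length
        if ctype == b"IEND":
            break
    raw, stride, rows = zlib.decompress(idat), width * 3, []
    for r in range(height):
        line = raw[r * (stride + 1):(r + 1) * (stride + 1)]
        if line[0] != 0:
            raise ValueError("filtered scanline not handled")
        rows.append(line[1:])
    return width, height, b"".join(rows)

def embed_lsb(rgb: bytes, payload: bytes) -> bytes:
    """Write a 4-byte length prefix plus payload, one bit per colour byte, into the LSBs."""
    frame = struct.pack(">I", len(payload)) + payload
    bits = [(byte >> (7 - i)) & 1 for byte in frame for i in range(8)]
    if len(bits) > len(rgb):
        raise ValueError("cover image too small for payload")
    out = bytearray(rgb)
    for i, bit in enumerate(bits):
        out[i] = (out[i] & 0xFE) | bit
    return bytes(out)

def extract_lsb(rgb: bytes) -> bytes:
    """Reverse embed_lsb: read the length prefix, then that many payload bytes."""
    def read(bit_offset: int, n: int) -> bytes:
        vals = bytearray()
        for b in range(n):
            v = 0
            for i in range(8):
                v = (v << 1) | (rgb[bit_offset + b * 8 + i] & 1)
            vals.append(v)
        return bytes(vals)
    n = struct.unpack(">I", read(0, 4))[0]
    if n > (len(rgb) - 32) // 8:
        raise ValueError("length prefix exceeds image capacity: not a stego image or corrupt")
    return read(32, n)

def hide_config(config: bytes, key: bytes, width: int = 64, height: int = 64) -> bytes:
    """Attacker side: encrypt the config and hide it in a PNG ready to upload."""
    return build_png(width, height, embed_lsb(make_cover(width, height), xor_crypt(config, key)))

def recover_config(png: bytes, key: bytes) -> bytes:
    """Implant side: pull the LSB payload out of the downloaded image and decrypt it."""
    _, _, rgb = parse_png(png)
    return xor_crypt(extract_lsb(rgb), key)

if __name__ == "__main__":
    png = hide_config(SAMPLE_CONFIG, SAMPLE_KEY)
    print(len(png), "bytes of PNG;", recover_config(png, SAMPLE_KEY))
```

Running the file hides SAMPLE_CONFIG and recovers it. The stego image still decodes as an ordinary picture and its chunk layout is unremarkable, which is the attacker's point: a file-type check or hash reputation lookup on the downloaded image tells a defender nothing, and the implant itself only needs a few dozen lines to read the payload back. Detection therefore has to come from the surrounding behaviour the post describes (an Excel document leading to in-memory code, and GitHub, Google Drive and Telegram being reached from a process that has no business talking to them) rather than from the image file.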