Byakugan – The Malware Behind a Phishing Attack

In January 2024, FortiGuard Labs collected a PDF file written in Portuguese that distributes a multi-functional malware known as Byakugan.

The PDF image shows a blurred table and asks the victim to click the malicious link in the PDF file to see the content. Clicking the link downloads a downloader. The downloader drops a copy of itself (require.exe) along with a clean installer to the temp folder. It then downloads a DLL (dynamic link library), which is executed via DLL hijacking to run require.exe, which in turn downloads the main module (chrome.exe).
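For defenders, the chain above maps to three endpoint checks. The following triage sketch is an added example, not code from FortiGuard Labs. The event schema, the user paths, and the names installer.exe and helper.dll are constructed, and the Chrome install directory and the same-folder DLL load pattern are assumptions.

```python
import ntpath

# File names come from the article; everything else here is constructed.
DROPPED_NAME = "require.exe"
MASQUERADE_NAME = "chrome.exe"
# Assumption: a genuine Chrome binary lives under ...\Google\Chrome\Application.
CHROME_DIR_SUFFIX = r"\google\chrome\application"

def in_temp(path):
    """True if any directory component of a Windows path is a temp folder."""
    parts = ntpath.dirname(path).lower().split("\\")
    return "temp" in parts or "tmp" in parts

def classify(event):
    """Return the findings for one process-create or image-load event."""
    image = event["image"]
    name = ntpath.basename(image).lower()
    folder = ntpath.dirname(image).lower()
    findings = []
    if name == DROPPED_NAME and in_temp(image):
        findings.append("require.exe running from temp folder")
    if name == MASQUERADE_NAME and not folder.endswith(CHROME_DIR_SUFFIX):
        findings.append("chrome.exe outside Chrome install directory")
    if event["type"] == "image_load":
        dll = event["loaded"]
        # Assumption: the hijacked DLL sits beside its host binary in temp.
        if in_temp(dll) and ntpath.dirname(dll).lower() == folder:
            findings.append("DLL side-loaded from temp folder")
    return findings

def scan(events):
    """Return (image, findings) pairs for every event that raised a finding."""
    return [(e["image"], f) for e in events if (f := classify(e))]

# Constructed sample events (not real telemetry).
TEMP = r"C:\Users\ana\AppData\Local\Temp"
CHROME = r"C:\Program Files\Google\Chrome\Application\chrome.exe"
EVENTS = [
    {"type": "process_create", "image": TEMP + r"\require.exe"},
    {"type": "image_load", "image": TEMP + r"\installer.exe",
     "loaded": TEMP + r"\helper.dll"},
    {"type": "process_create", "image": r"C:\Users\ana\chrome.exe"},
    {"type": "process_create", "image": CHROME},
    {"type": "image_load", "image": CHROME,
     "loaded": r"C:\Windows\System32\kernel32.dll"},
]

if __name__ == "__main__":
    for image, findings in scan(EVENTS):
        print(image, "->", "; ".join(findings))
```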

Source: FortiGuard