Hackers have been using fake error logs to hide a malicious payload: the logs store ASCII characters disguised as hexadecimal values, and those characters decode to a payload designed to prepare the ground for script-based attacks.
The trick is part of a longer chain with intermediary PowerShell commands that ultimately delivers a script for reconnaissance purposes.
MSP threat detection provider Huntress Labs discovered an attack scenario in which a threat actor with persistence on a target machine tried to use an unusual trick to carry on with their attack routine.
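A triage check for the trick described above, as an added example that is not code from Huntress Labs or the original article. The log layout, the sample lines, the thresholds and the function names are all assumptions made for illustration; the sketch decodes single-byte hex tokens from a log and flags files where they spell out readable, script-like text.

```python
import re

# Constructed sample: lines shaped like error-log entries whose trailing
# "hex" fields carry the hidden characters (hypothetical layout).
SAMPLE_LOG = """\
2020-06-01 10:14:02 ERROR app.exe fault offset 0x57 0x72 0x69 0x74 0x65
2020-06-01 10:14:03 ERROR app.exe fault offset 0x2d 0x48 0x6f 0x73 0x74
2020-06-01 10:14:05 ERROR app.exe fault offset 0x20 0x27 0x68 0x69 0x27
"""

# Constructed benign sample: ordinary multi-byte error codes and offsets.
BENIGN_LOG = """\
2020-06-01 10:14:02 ERROR app.exe exception code 0xc0000005 offset 0x0001a2b3
2020-06-01 10:15:40 ERROR svc.exe exit code 0x01
"""

# Only tokens that are exactly one byte wide can encode one ASCII character;
# wider values such as 0xc0000005 do not match.
HEX_BYTE = re.compile(r"\b0x([0-9A-Fa-f]{2})\b")


def extract_hidden_text(log_text):
    """Concatenate every single-byte hex token, in file order, as characters."""
    return "".join(chr(int(h, 16)) for h in HEX_BYTE.findall(log_text))


def assess_log(log_text, min_chars=8, min_printable=0.95):
    """Return a triage verdict for the contents of one log file."""
    decoded = extract_hidden_text(log_text)
    printable = sum(32 <= ord(c) < 127 or c in "\r\n\t" for c in decoded)
    ratio = printable / len(decoded) if decoded else 0.0
    # Heuristic (assumption): a long, fully printable run that also contains
    # script punctuation is worth an analyst's attention.
    looks_like_script = bool(re.search(r"[-$|;(){}]", decoded))
    suspicious = (len(decoded) >= min_chars
                  and ratio >= min_printable
                  and looks_like_script)
    return {"decoded": decoded, "printable_ratio": round(ratio, 2),
            "suspicious": suspicious}


if __name__ == "__main__":
    for name, text in (("sample", SAMPLE_LOG), ("benign", BENIGN_LOG)):
        print(name, assess_log(text))
```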
Source: Bleeping Computer