In April of this year, the FBI published an advisory on attacks targeting government, law enforcement, and non-profit organizations. Attackers download scripts onto victims’ devices, delivering several types of malware all at once. The main aim is to utilize company resources for mining, steal data using keyloggers, and gain backdoor access to systems.
According to Kaspersky telemetry data, they have detected numerous scripts, executables, and associated links under this campaign since late 2022. The researchers were still finding new versions at the time of writing, so the threat to B2B is still live. Enterprise resources and data remain at risk.