Operation Earth Kitsune, Tracking SLUB’s Current Operations

Trend Micro have already published findings on the SLUB malware’s past campaigns. In our latest research paper, we uncovered a recent watering hole campaign that involves a new variant of the malware. The threat, which we dubbed as such due to its abuse of Slack and GitHub in previous versions, has not abused either of the platforms this time; instead, it employed Mattermost, an open-source online chat service that can be easily deployed on-premise.

In an official statement regarding the issue, Mattermost denounced illicit and unethical use of their platform, as this is a definite violation of their Conditions of Use policy. They also shared how users can report illicit use of the software.

Read more…
Source: Trend Micro