Organizations across Europe have been subjected to a deluge of attacks involving AceCryptor malware as part of campaigns that sought to exfiltrate email and browser credentials during the second half of 2023, reports The Record, a news site by cybersecurity firm Recorded Future.
Intrusions with AceCryptor facilitated the deployment of the SmokeLoader malware against Ukrainian entities and the distribution of Remcos RAT in organizations across Bulgaria, Poland, Serbia, and Slovakia, according to a report from ESET. Poland was most targeted by AceCryptor attacks during the last six months of 2023, which saw a shift from intrusions against Peru, Egypt, Mexico, and Turkey during the first half of last year. "Malware in these attacks was distributed in spam emails, which were in some cases quite convincing; sometimes the spam was even sent from legitimate, but abused, email accounts," noted ESET researcher Jakub Kaloc.
