North American manufacturing subjected to Ande Loader malware compromise

Manufacturing organizations across North America have been targeted by financially motivated threat operation Blind Eagle, also known as APT-C-36, in new attacks leveraging the Ande Loader malware for remote access trojan delivery, reports The Hacker News.

Attacks with Ande Loader have been facilitated by phishing emails carrying RAR and BZ2 archives, with the former enabling the deployment of Remcos RAT and the latter leading to the distribution of NjRAT, according to a report from eSentire. Blind Eagle has also used crypters by Roda and Pjoao1578 in its intrusions, researchers said. "One of the crypters developed by Roda has the hardcoded server hosting both injector components of the crypter and additional malware that was used in the Blind Eagle campaign," researchers added. The findings follow a recent SonicWall report detailing the exploitation of a driver associated with RogueKiller AntiMalware software by the latest DBatLoader malware variant for Remcos RAT distribution.
