Financially motivated threat operation Water Orthus, which was behind the CopperStealer malware, has reemerged with new attacks deploying the novel CopperStealth and CopperPhish payloads, reports The Hacker News.
Water Orthus' CopperStealth attack campaign began in March and used free software installers to distribute and load a rootkit, which then prompts payload injection, according to a report from Trend Micro.
Meanwhile, attacks with CopperPhish, which were identified the following month, exploited file-sharing sites' pay-per-install (PPI) networks to deliver the phishing kit, which has credit card data collection capabilities.
"The credential verification and confirmation code are two useful features that make this phishing kit more successful, as the victim cannot simply close the window or enter fake information just to get rid of the window," said researchers, who have attributed both CopperStealth and CopperPhish to Water Orthus due to their source code similarities with CopperStealer.