
RedLine info stealer distributed via Adobe Acrobat Sign exploitation

Threat actors are exploiting the cloud-based e-signature service Adobe Acrobat Sign to facilitate deployment of the RedLine information-stealing malware, BleepingComputer reports. Attackers have been using Adobe Acrobat Sign to send emails linking to documents hosted on Adobe, which, when clicked, would eventually prompt the delivery of a ZIP archive containing the RedLine info stealer, an Avast report revealed. Among the targets of the attack was a popular YouTuber who received a message via Adobe Acrobat Sign with a document claiming an infringement of music copyright. Researchers noted that the document, hosted on dochub.com, facilitated the delivery of a ZIP archive with non-malicious GTA V executables along with the RedLine stealer. The threat actors behind the attack have also increased the size of the RedLine payload to 400MB in an effort to evade detection by antivirus systems, a file inflation technique that has also been leveraged in Emotet phishing attacks.
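As an added example (not from the article, the Avast report or any vendor tooling), the following check flags ZIP members whose declared size is large while their compressed size is tiny, which is what an inflated payload looks like from the archive's central directory. It assumes the inflation is low-entropy filler that compresses well (the article does not say how the file was enlarged); the thresholds, function names and sample archive are constructed for illustration.

```python
import io
import os
import zipfile

# Assumed thresholds, not taken from the report; tune to your scanner's size cap.
SIZE_LIMIT = 100 * 1024 * 1024   # members at or above this size are of interest
RATIO_LIMIT = 50                 # uncompressed/compressed ratio suggesting filler


def inflated_members(zip_bytes, size_limit=SIZE_LIMIT, ratio_limit=RATIO_LIMIT):
    """Return (name, uncompressed_size, ratio) for members that look padded.

    Only the central directory is read, so nothing is decompressed or executed.
    The sizes are declared values: treat a hit as a triage signal, not a verdict.
    """
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            ratio = info.file_size / max(info.compress_size, 1)
            if info.file_size >= size_limit and ratio >= ratio_limit:
                findings.append((info.filename, info.file_size, round(ratio)))
    return findings


def build_sample_zip():
    """Constructed sample: one small text file and one 'executable' made of
    4 KiB of random bytes followed by 8 MiB of zero padding (scaled down from
    the 400MB in the article so the example runs quickly)."""
    padded = b"MZ" + os.urandom(4096) + b"\x00" * (8 * 1024 * 1024)
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("game/readme.txt", "constructed benign text\n" * 20)
        zf.writestr("game/setup.exe", padded)
    return buf.getvalue()


if __name__ == "__main__":
    # Lower the size limit to match the scaled-down sample.
    for name, size, ratio in inflated_members(build_sample_zip(),
                                              size_limit=4 * 1024 * 1024):
        print(f"{name}: {size} bytes declared, ~{ratio}:1 compression")
```

A hit is a reason to route the attachment to sandboxing or manual analysis rather than letting a size-based scan exemption skip it.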
