
VCURMS Malware Campaign: Hackers Use AWS and GitHub to Attack Browsers
Tags: VCURMS RAT, STRRAT, AWS, GitHub
Cybersecurity researchers have uncovered a major threat: the "Vcurms" malware. It uses email for command and control, stores its payloads on AWS and GitHub, and is wrapped in a commercial protector to evade detection. Targeting platforms with Java installed, it poses a serious risk: once it has infiltrated a system, it grants attackers full control.
Indicators of Compromise

Indicator                                   | Source   | Date
bankofindustry.s3.us-east-2.amazonaws.com   | SOCRadar | 2024-03-22
jbfrost.live                                | SOCRadar | 2024-03-22
ofornta.ddns.net                            | SOCRadar | 2024-03-22
riseappbucket.s3.ap-southeast-1.amazonaws.com | SOCRadar | 2024-03-22
Backinghof.ddns.net                         | SOCRadar | 2024-03-22
Campaign Guidance
Remediation, mitigation, notes, history and related intelligence
REMEDIATIONS
1. Enhanced Training and Awareness Programs: Provide regular security training to employees to raise awareness about identifying phishing emails and understanding their risks. This will enable employees to recognize potentially harmful emails and take appropriate actions.
2. Security Software Updates: Continuously update security software to detect known malicious files and provide protection against new threats. This is an important way to keep your systems and network secure.
3. Strengthen Email Filtering and Content Control: Enhance email filtering and content control solutions on email servers and gateways to block malicious emails. This can prevent emails with malicious content from reaching recipients' inboxes.
4. Strong Password and Authorization Management: Implement strong password policies and restrict unnecessary user privileges to reduce the risk of unauthorized access. Additionally, introduce OAuth application restrictions to prevent application access tokens from being stolen.
5. Enhance Network and System Monitoring: Strengthen monitoring of networks and systems by regularly monitoring and analyzing logs to detect potential threats and take preventive measures. Establish a robust security monitoring infrastructure to monitor anomalies and suspicious activities.
6. Update Security Policies and Procedures: Develop and implement up-to-date and effective security policies and procedures. These policies and procedures are essential for identifying security vulnerabilities, mitigating risks, and effectively responding to crisis situations.
Observed Countries (250)
AD (920)
AE (793)
AF (49)
AG (757)
AI (243)
AL (578)
AM (403)
AO (847)
AQ (983)
AR (930)
AS (860)
AT (683)
AU (34)
AW (454)
AX (615)
AZ (760)
BA (884)
BB (679)
BD (297)
BE (62)
BF (93)
BG (606)
BH (763)
BI (649)
BJ (928)
BL (221)
BM (533)
BN (102)
BO (722)
BQ (768)
BR (445)
BS (227)
BT (49)
BV (802)
BW (864)
BY (76)
BZ (878)
CA (351)
CC (892)
CD (829)
CF (838)
CG (79)
CH (158)
CI (166)
CK (136)
CL (393)
CM (218)
CN (251)
CO (507)
CR (412)
CU (291)
CV (347)
CW (822)
CX (737)
CY (774)
CZ (413)
DE (270)
DJ (524)
DK (118)
DM (72)
DO (633)
DZ (836)
EC (82)
EE (905)
EG (304)
EH (9)
ER (447)
ES (553)
ET (186)
FI (386)
FJ (443)
FK (669)
FM (729)
FO (286)
FR (413)
GA (999)
GB (35)
GD (371)
GE (449)
GF (526)
GG (639)
GH (519)
GI (440)
GL (578)
GM (437)
GN (110)
GP (906)
GQ (86)
GR (397)
GS (778)
GT (520)
GU (198)
GW (163)
GY (484)
HK (46)
HM (435)
HN (705)
HR (923)
HT (929)
HU (763)
ID (48)
IE (21)
IL (974)
IM (374)
IN (183)
IO (198)
IQ (905)
IR (477)
IS (440)
IT (839)
JE (416)
JM (220)
JO (487)
JP (979)
KE (996)
KG (437)
KH (658)
KI (558)
KM (43)
KN (330)
KP (368)
KR (964)
KW (648)
KY (580)
KZ (737)
LA (581)
LB (780)
LC (659)
LI (303)
LK (628)
LR (540)
LS (960)
LT (191)
LU (836)
LV (190)
LY (339)
MA (870)
MC (511)
MD (174)
ME (462)
MF (510)
MG (478)
MH (730)
MK (979)
ML (710)
MM (730)
MN (12)
MO (931)
MP (907)
MQ (320)
MR (836)
MS (509)
MT (536)
MU (479)
MV (366)
MW (299)
MX (877)
MY (810)
MZ (792)
NA (133)
NC (451)
NE (797)
NF (988)
NG (535)
NI (330)
NL (386)
NO (970)
NP (613)
NR (852)
NU (81)
NZ (674)
OM (112)
PA (110)
PE (351)
PF (698)
PG (406)
PH (632)
PK (760)
PL (902)
PM (800)
PN (826)
PR (125)
PS (48)
PT (889)
PW (783)
PY (856)
QA (301)
RE (727)
RO (774)
RS (528)
RU (492)
RW (488)
SA (409)
SB (931)
SC (653)
SD (790)
SE (872)
SG (540)
SH (836)
SI (860)
SJ (186)
SK (708)
SL (445)
SM (509)
SN (865)
SO (353)
SR (186)
SS (41)
ST (557)
SV (18)
SX (931)
SY (694)
SZ (146)
TC (642)
TD (408)
TF (365)
TG (288)
TH (146)
TJ (428)
TK (867)
TL (96)
TM (670)
TN (647)
TO (244)
TR (665)
TT (956)
TV (266)
TW (239)
TZ (216)
UA (317)
UG (724)
UM (378)
US (672)
UY (142)
UZ (203)
VA (802)
VC (670)
VE (929)
VG (708)
VI (707)
VN (336)
VU (726)
WF (696)
WS (50)
XK (584)
YE (61)
YT (142)
ZA (979)
ZM (556)
ZW (366)