Author Topic: DarkHydrus APT Uses Google Drive to Send Commands to RogueRobin Trojan  (Read 268 times)

0 Members and 1 Guest are viewing this topic.

Offline Antus67

  • Full Member
  • ***
  • Posts: 93
    • View Profile
By Ionut Ilascu



New malicious campaigns attributed to DarkHydrus APT group show the adversary's use of a new variant of the RogueRobin Trojan and of Google Drive as an alternative command and control (C2) communication channel.

The group's latest activity was observed against targets in the Middle East, luring them with Excel documents laced with malicious VBA code (macro).

For security reasons, macros are disabled by default in the Microsoft Office suite, and they do not run unless the user enables the feature manually.

Full Article Here:https://www.bleepingcomputer.com/news/security/darkhydrus-apt-uses-google-drive-to-send-commands-to-roguerobin-trojan/