A recent investigation has uncovered a highly sophisticated cyberattack that transforms Visual Studio Code (VSCode) into a remote access tool, allowing unauthorized control over victim systems. This attack demonstrates significant stealth capabilities, bypassing common detection methods and leveraging trusted software to execute malicious actions.

Attack Overview

The attack starts with the distribution of a suspicious .LNK file, disguised as a legitimate installer, typically delivered through phishing emails to lure victims. Once executed, the .LNK file displays a fake success message in Chinese (“安裝成功”), deceiving …
Tag: darkweb
According to a recent report from Microsoft Threat Intelligence, the cybercriminal group Storm-0501 has emerged as a significant threat, specifically targeting hybrid cloud environments through sophisticated ransomware attacks. Known for their opportunistic and financially motivated operations, Storm-0501 has increased their activity since 2021, initially gaining attention for deploying Sabbath ransomware against U.S. school districts. Since then, they have expanded their tactics, utilizing various ransomware strains, including Hive, BlackCat (ALPHV), and most recently, Embargo ransomware.

Attack Strategy

Storm-0501’s latest campaigns highlight …