Hackers are using the MacroPack framework to generate weaponized Microsoft Office documents.
These documents, in turn, deploy different malware to their targets, including Brute Ratel, PhantomCore, and Havoc.
This is according to a new report from cybersecurity researchers at Cisco Talos.
The C2 servers for this campaign were located in Henan, China.
One is in Pakistan, impersonating the Pakistan Air Force, and distributing Brute Ratel.
Brute Ratel is a sophisticated red-teaming and adversary simulation tool designed for offensive cybersecurity professionals.
Via BleepingComputer