Ransomware, Malware

SystemBC malware deployed in Black Basta-linked attacks

Share
(Adobe Stock)

Threat actors associated with the Black Basta ransomware gang have sought to exfiltrate credentials and distribute the SystemBC malware dropper in attacks part of an ongoing social engineering campaign, according to The Hacker News.

Intrusions commenced with email bomb delivery and phone calls luring targets into downloading AnyDesk to facilitate the deployment of next-stage information-stealing payloads, including the AntiSpam.exe executable and SystemBC loader, a report from Rapid7 showed. Such findings follow an eSentire report detailing phishing attacks leveraging the Ande Loader to enable Obj3ctivity Stealer compromise. "The malware's distribution through obfuscated and encrypted scripts, memory injection techniques, and the ongoing enhancement of Ande Loader with features like anti-debugging and string obfuscation underscore the need for advanced detection mechanisms and continuous research," said eSentire. Another study from ReliaQuest noted SocGholish, also known as FakeUpdates, GootLoader, and Raspberry Robin as the most prevalent malware loaders so far this year, with GootLoader dislodging QakBot in the top three.

An In-Depth Guide to Ransomware

Get essential knowledge and practical strategies to protect your organization from ransomware attacks.

Related Terms

Adware

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.