Menace actor DeathStalker is actively concentrating on cryptocurrency exchanges positioned world wide with the VileRAT malware, in accordance with Kaspersky researchers. The researchers revealed an advisory simply days in the past during which the marketing campaign is detailed. The marketing campaign reportedly started in September 2020 however revamped its efforts in June 2022, leveraging the VileRAT toolchain. For the reason that marketing campaign was first recognized by Kaspersky, the risk actor has constantly picked comparable targets.
Kaspersky believes that regardless of the general public indicators of compromise, the DeathStalker marketing campaign is probably going rising its efforts to compromise new targets with its latest use of VileRAT. Extra samples of malicious information related to the RAT and new infrastructure has been detected since March of 2022. Kaspersky believes that that is possible a symptom of elevated compromise makes an attempt.