Fake Advanced IP Scanner Installer Delivers Dangerous CobaltStrike Backdoor | allinfosecnews.com

June 5, 2024, 4:32 p.m. | Rodel Mendrez

SpiderLabs Blog from Trustwave www.trustwave.com

During a recent client investigation, Trustwave SpiderLabs found a malicious version of the Advanced IP Scanner installer, which contained a backdoored DLL module. Our client had been searching for the Advanced IP Scanner tool online and inadvertently downloaded the compromised installer from a typo-squatted domain that appeared in their search results.

advanced backdoor client cobaltstrike compromised dll domain fake found installer investigation ip scanner malicious results scanner search tool trustwave trustwave spiderlabs typo version

More from www.trustwave.com / SpiderLabs Blog from Trustwave

Professional Services Sector Under Attack - Trustwave SpiderLabs Report 2024 4 days, 21 hours ago | www.trustwave.com

attack attacks briefing industry +20

Atlas Oil: The Consequences of a Ransomware Attack 5 days, 21 hours ago | www.trustwave.com

atlas attack basta black basta +19

Scanning the Matrix: SIEM Best Practices 6 days, 21 hours ago | www.trustwave.com

best practices matrix practices scanning +3

Fare Thee Well ModSecurity: End-of-Life and Last Commercial Rules Update for June 2024 1 week, 3 days ago | www.trustwave.com

apache application breach code +21

Secure Access Service Edge: Another Multi-Tool for the SOC 1 week, 6 days ago | www.trustwave.com

access a network antivirus application +29

Search & Spoof: Abuse of Windows Search to Redirect to Malware 2 weeks, 5 days ago | www.trustwave.com

abuse behaviors campaign code +22

The Sentinel’s Watch: Building a Security Reporting Framework 2 weeks, 6 days ago | www.trustwave.com

building can fortress framework +12

Fake Advanced IP Scanner Installer Delivers Dangerous CobaltStrike Backdoor 3 weeks, 4 days ago | www.trustwave.com

advanced backdoor client cobaltstrike +17

Threat Advisory: Snowflake Data Breach Impacts Its Clients 3 weeks, 5 days ago | www.trustwave.com

advisory analysts breach clients +24

Senior Streaming Platform Engineer

@ Armis Security | Tel Aviv-Yafo, Tel Aviv District, Israel

View on infosec-jobs.com

Senior Streaming Platform Engineer

@ Armis Security | Tel Aviv-Yafo, Tel Aviv District, Israel

View on infosec-jobs.com

Deputy Chief Information Officer of Operations (Senior Public Service Administrator, Opt. 3)

@ State of Illinois | Springfield, IL, US, 62701-1222

View on infosec-jobs.com

Deputy Chief Information Officer of Operations (Senior Public Service Administrator, Opt. 3)

@ State of Illinois | Springfield, IL, US, 62701-1222

View on infosec-jobs.com

Analyst, Security

@ DailyPay | New York City

View on infosec-jobs.com

Analyst, Security

@ DailyPay | New York City

View on infosec-jobs.com