"Hackers Using Sneaky HTML Smuggling to Deliver Malware via Fake Google Sites"

Researchers have discovered a new malware campaign involving the use of fake Google Sites pages and HTML smuggling to distribute "AZORult," a commercial malware designed to facilitate information theft. Netskope Threat Labs researcher Jan Michael Alcantara noted that it applies an HTML smuggling technique in which the malicious payload is embedded in a separate JSON file hosted on an external website. The campaign, not yet attributed to any specific threat actor or group, is described as widespread. Its goal appears to be to collect sensitive data to sell in underground forums. AZORult, also known as PuffStealer and Ruzalto, is an infostealer commonly spread through phishing and malspam campaigns, trojanized installers for pirated software or media, and malvertising. This article continues to discuss findings regarding the new malware campaign distributing AZORult malware.

THN reports "Hackers Using Sneaky HTML Smuggling to Deliver Malware via Fake Google Sites"

Submitted by grigby1