"'Fluffy Wolf' Spreads Meta Stealer in Corporate Phishing Campaign"

A threat actor, tracked as "Fluffy Wolf," is spreading different types of malware using accounting report lures in a phishing campaign that relies on malicious and legitimate software. According to researchers from Bi.Zone, Fluffy Wolf's active phishing campaign shows how even unskilled threat actors can use Malware-as-a-Service (MaaS) models to execute successful cyberattacks. The campaign is currently aimed at Russian organizations but could expand to other regions. To gain initial access to target infrastructures, Fluffy Wolf impersonates a construction company in phishing emails with attachments disguised as reconciliation reports. The password-protected files contain malicious payloads, the main one being Meta Stealer, a clone of the RedLine Stealer. Fluffy Wolf also spreads other malware, including WarZone RAT and XMRig Miner. This article continues to discuss findings regarding the Fluffy Wolf campaign.

Dark Reading reports "'Fluffy Wolf' Spreads Meta Stealer in Corporate Phishing Campaign"

Submitted by grigby1