"Red Teaming Tool Abused for Malware Deployment"
"Red Teaming Tool Abused for Malware Deployment"
Threat actors are using MacroPack, a tool designed for red team exercises, to deploy malware. Cisco Talos researchers discovered several related Microsoft documents uploaded to VirusTotal between May and July 2024. All of them were created by a version of a payload generator framework, MacroPack. A variety of actors and countries, including China, Pakistan, Russia, and the US, uploaded the documents.