FakeBat Malware Distributing via Fake Browser Updates

· Published 29/04/2024 18:18 · Modified 01/05/2024 23:08

Essential information

Tags
browser exploits fakebat malicious scripts phishing social engineering
Related entities
6 observables, 8 techniques (mitre), 1 malware

Description

This report details a recent malware campaign that uses fake browser update notifications to distribute the FakeBat loader. Malicious JavaScript injected into compromised websites triggers deceptive update prompts. These prompts mimic legitimate browser updates and are personalized to match the user's browser type and language settings, ultimately serving a malicious MSIX payload signed with a previously used Consoneai Ltd signature. The report outlines the multi-stage infection chain, the server-side logic controlling malicious page exposure, and the use of Pastebin links hosting anti-analysis techniques.

External references