TookPS distributed under the guise of UltraViewer, AutoCAD, and Ableton

Published 03/04/2025 15:03 · Modified 03/04/2025 18:31

Essential information

Published: 03/04/2025 15:03
Modified: 03/04/2025 18:31
Tags: 2025-04-03, backdoor, downloader, lapmon, remote access, software impersonation, ssh tunnel, tevirat, tookps
Related entities: 17 observables, 8 techniques (mitre), 3 malware, 5 others

Description

A malware campaign is distributing the TookPS downloader by impersonating popular software like UltraViewer, AutoCAD, SketchUp, Ableton, and Quicken. The malware establishes an SSH tunnel for remote access and deploys additional payloads like the TeviRat and Lapmon backdoors. The attackers gain full system control through various methods. The campaign targets both individuals and organizations, using domains registered in early 2024. Users are advised to avoid downloading pirated software, while organizations should implement strict security policies and conduct regular awareness training.

External references