EastWind Attack Deploys PlugY and GrewApacha Backdoors Using Booby-Trapped LNK Files

August 12, 2024 at 12:27AM

Russian government and IT organizations are targets of a spear-phishing campaign, codenamed EastWind. The attack deploys backdoors and trojans through booby-trapped LNK files, leveraging DLL side-loading techniques. Malware variants GrewApacha, CloudSorcerer, and PlugY are used for espionage, exfiltration, and data theft via various platforms including Dropbox and GitHub. Additionally, a …