Cloud Atlas Uses VBCloud Malware in Cyber Attacks
🌀 Cloud Atlas employs new VBCloud malware in targeted cyber attacks. The threat actor known as Cloud Atlas has been detected using a novel malware called VBCloud in its cyber campaigns, primarily targeting users in Russia and several other countries. Victims are infected through phishing emails containing malicious documents that exploit a vulnerability in Microsoft’s Equation Editor. The attack chain involves multiple stages, including the deployment of a backdoor known as VBShower, which facilitates further malware downloads and data theft. VBCloud, activated upon user login, collects sensitive information and files, enhancing the group’s capabilities for infiltration and data exfiltration. This activity marks a significant evolution in Cloud Atlas’s tactics since its emergence in 2014.
