Handala Group Targets ReutOne in Supply Chain Attack

🖥️✉️🕵 Handala group targets ReutOne in a supply chain attack. The hacking group Handala breached ReutOne, a Microsoft 365 Dynamics reseller, on December 24, 2024, by sending a fraudulent software update email to customers. This fake update was designed to gather system information and send it to a command-and-control (C2) server, while evading detection from antimalware products. The attack has been linked to multiple victim organizations across Israel, France, and Ukraine, with indicators of compromise (IoCs) identified, including specific payloads and C2 communication addresses. The incident highlights the ongoing threat of supply chain attacks and the challenges in detecting such sophisticated malware.

Source

Original