When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
Cisco Talosresearchers are credited with discovering the new campaign, which is being dubbed Operation Blacksmith.
The malware consists of a pair of RATs which have been named NineRAT and DLRAT by the cybersecurity group.
The former uses Telegram bots and channels as a medium of C2 communications.
The third is a downloader, called BottomLoader.
It was observed again in September 2023, targeting a European manufacturing entity.
The vulnerability was discovered by a member of the Alibaba Cloud Security Team, and has since been addressed.
