Summary: Cybersecurity researchers have discovered a new and sophisticated malware campaign that utilizes Google Sheets as a command-and-control (C2) mechanism. The campaign, first detected by Proofpoint on August 5, 2024, targets over 70 organizations across various sectors, including finance, healthcare, and government.
Key Points:
Discovery: Detected by Proofpoint on August 5, 2024, the malware campaign leverages Google Sheets for C2 operations.
Targets: Over 70 organizations worldwide, including sectors such as finance, healthcare, and government.
Malware: The campaign uses a custom tool named “Voldemort” to gather information and deliver additional payloads.
Attack Method: Emails impersonating tax authorities from countries like the U.S. and U.K. contain malicious links that exploit Windows systems to run a Python script directly from a WebDAV share.
Impact: The campaign’s unusual and sophisticated nature suggests a mix of cybercrime and espionage activities, with unclear ultimate objectives.