ioc[.]one - OSINT Cyber Threat Intelligence Database

Aurora info stealer deployed via fraudulent Windows updates

Tags

cmtmf-attack-pattern:	Masquerading
country:	Ukraine
maec-delivery-vectors:	Watering Hole
attack-pattern:	Domains - T1583.001 Domains - T1584.001 Malvertising - T1583.008 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 Masquerading - T1036 Masquerading

Show in Graph

Common Information

Type	Value
UUID	98ac6be4-e6c3-4931-9609-3a880d35f061
Fingerprint	360d55508a1375d0
Analysis status	DONE
Considered CTI value	0
Text language
Published	May 12, 2023, 11:38 a.m.
Added to db	May 12, 2023, 6:46 p.m.
Last updated	Aug. 31, 2024, 12:01 p.m.
Headline	Aurora info stealer deployed via fraudulent Windows updates
Title	Aurora info stealer deployed via fraudulent Windows updates
Detected Hints/Tags/Attributes	16/4/1

Source URLs

	Redirection	Url
Details	Source	https://www.scmagazine.com/brief/malware/aurora-info-stealer-deployed-via-fraudulent-windows-updates

URL Provider

Details	Provider	Source level domain
Details	scmagazine.com	www.scmagazine.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	163	✔	—	https://media.cert.europa.eu/rss?type=category&id=Malware&language=en&duplicates=false	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	File	1		chromeupdater.exe