Formbook Malware, shaderz Python Package & Two Major Zero-Days
Dark Roast Intelligence | December 18, 2022
Welcome to this week’s edition of Dark Roast Intelligence. In this article, you’ll find an overview of two recent malware campaigns and two zero-day vulnerabilities that were hot topics last week.
Formbook Malware is Still Here
Formbook is a malware-as-a-service (MaaS) offering that’s been around since 2016, but it’s not one we hear of as often as Emotet, Qakbot, or Agent Tesla. Contrary to what we may think, though, Formbook is still going strong: security researchers continue to discover campaigns deploying the reliable infostealer.
Since its inception, Formbook has been used to steal personal information from infected devices by logging keystrokes and collecting data from browsers and other programs that may be running. Over the years, that hasn’t changed, but the method of delivery has continued to adapt.
Historically, Formbook has been deployed via Word documents or RTF (Rich Text Format) files containing malicious code. When the file is opened, the malware is unpacked and malicious code is injected into the victim device to hook into running processes and begin gathering data. In more recent years, Formbook campaigns have been seen to…