
Formbook Malware, shaderz Python Package & Two Major Zero-Days

Dark Roast Intelligence | December 18, 2022

Katlyn Gallo
Dark Roast Security
7 min read · Dec 18, 2022


Welcome to this week’s edition of Dark Roast Intelligence. In this article, you’ll find an overview of two recent malware campaigns and two zero-day vulnerabilities that were hot topics last week.

Formbook Malware is Still Here

Formbook is a malware-as-a-service (MaaS) offering that’s been around since 2016, but we don’t hear about it as often as Emotet, Qakbot, or Agent Tesla. Contrary to what we may think, though, Formbook is still going strong: security researchers continue to discover campaigns deploying the reliable infostealer.

Since its inception, Formbook has been used to steal personal information from infected devices by logging keystrokes and collecting data from browsers and other programs that may be running. Over the years, that hasn’t changed, but the method of delivery has continued to adapt.

Historically, Formbook has been deployed via Word documents or RTF (Rich Text Format) files containing malicious code. When the file is opened, the malware is unpacked and malicious code is injected into the victim device to hook into running processes and begin gathering data. In more recent years, Formbook campaigns have been seen to…
