"..LOBSHOT then deploys an hVNC module allowing access to the hidden desktop as if they were in front of it. At this point the threat actors have complete control over the device, allowing them to execute commands, steal data, and even deploy further malware payloads and spread laterally to other devices to lead to other attacks.

Dave Ratner, CEO, HYAS had this comment:

   “Remote access trojans and other nefarious attacks delivered via Google Ads are becoming more common.  While difficult to spot and detect initially, having the visibility into outbound, anomalous communication via Protective DNS solutions can prove critical to identifying these types of attacks and stopping them before they steal data, deploy further malware payloads, and spread laterally through the organization.”. . . ( Read Full Article . . )

related

Clouds Of Logs: An Evolving Malware Data Collective Marketplace

Clouds Of Logs: An Evolving Malware Data Collective Marketplace

IT Nerd
Read More
The Key to Preventing Production Network Attacks Is to Start Looking Within

The Key to Preventing Production Network Attacks Is to Start Looking Within

Security Today
Read More
Cybersecurity Pioneer HYAS Raises $6.2M Series A Round Led By M12

Cybersecurity Pioneer HYAS Raises $6.2M Series A Round Led By M12

HYAS
Read More