top of page

Monster Libra (TA551/Shathak) pushes IcedID (Bokbot) with Dark VNC and Cobalt Strike

Monster Libra is the latest threat actor to push malware into the Windows operating system, and that infection has led to Dark VNC and Cobalt Strike, as well as a series of other infections.

ADVERSARY: Monster Libra

MALWARE FAMILIES: Cobalt Strike, IcedID - S0483, Trojan:Win32/Bokbot

ATT&CK IDS: T1219 - Remote Access Software, T1193 - Spearphishing Attachment, T1137.001 - Office Template Macros, T1573 - Encrypted Channel

Read More:

1 view
bottom of page