Sansec cybersecurity experts: The new parasitic malware, spread by CronRAT, hijacks a host Nginx application to masquerade its presence.
Technical analysis by the Malware Hunter JAMESWT
Cybercrime, FlickerStealer campaign via DocuSign and Hancitor. The doc attachment of a false notification contains a dll with Chanitor, which downloads the final malware
A fake notification from DocuSign conveys a FickerStealer campaign, which goes through Hancitor.
The doc file in the mail contains a dll with Hancitor (alias Chanitor). This then downloads the final malware. The goal of cybercrime is to steal sensitive data from victims. FickerStealer, in fact, is an info-stealer that targets PCs with Windows operating system, from version XP to 10.