Menu

Blog

May 26, 2024

Hackers phish finance orgs using trojanized Minesweeper clone

Posted by in category: finance

Hackers are utilizing code from a Python clone of Microsoft’s venerable Minesweeper game to hide malicious scripts in attacks on European and US financial organizations.

Ukraine’s CSIRT-NBU and CERT-UA attribute the attacks to a threat actor tracked as ‘UAC-0188,’ who is using the legitimate code to hide Python scripts that download and install the SuperOps RMM.

Superops RMM is a legitimate remote management software that gives remote actors direct access to the compromised systems.

Leave a reply