A phishing campaign targeting healthcare, government, hospitality, and education sectors uses several evasion techniques to avoid detection.

DR (DZone Research) offers insights into software development trends, industry surveys, and technology adoption patterns, providing reports, whitepapers, and analyst insights to help businesses make informed decisions and stay competitive in the ever-evolving tech landscape. By exploring DR's curated content, developers can gain insights into emerging technologies, developer preferences, and industry best practices for building innovative and market-leading software solutions. Whether you're a startup founder, product manager, or tech executive, DR offers resources to guide your strategic planning and drive business success.

Dark Reading

A phishing campaign targeting healthcare, government, hospitality, and education sectors in Germany, Canada, the US, and Australia delivers PureLog Stealer malware disguised as copyright infringement legal notices. Victims are tricked into executing what appears to be a PDF, which triggers a multi-stage, fileless infection chain using a Python-based loader, dual .NET loaders, AMSI bypass, anti-VM checks, and heavy obfuscation. The final payload runs entirely in memory, harvesting browser credentials, cryptocurrency wallets, screenshots, and system data. Trend Micro researchers highlight the campaign's shift toward selective targeting and recommend behavioral EDR/XDR detection, application allowlisting, restricting unauthorized Python execution, and user training to treat unexpected legal notices as high-risk.

Attackers Hide Infostealer in Copyright Infringement Notices