Fake Bitdefender Site Spreads Trio of Malware Tools

SUMMARY :

A spoofed Bitdefender website is being used in a malicious campaign to distribute VenomRAT, StormKitty, and SilentTrinity malware. The fake site mimics Bitdefender's legitimate antivirus download page but redirects visitors to malicious files hosted on Bitbucket and Amazon S3. The malware package allows attackers to gain remote access, gather credentials, and exfiltrate data while remaining hidden. The campaign also includes related phishing domains impersonating banks and IT services. The use of open-source malware frameworks demonstrates the increasing accessibility of cybercrime tools, enabling attackers to quickly assemble effective malware kits. Researchers emphasize the importance of verifying download sources and remaining cautious with email links and attachments.

OPENCTI LABELS :

phishing,venomrat,stormkitty,silenttrinity,spoofed website


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Fake Bitdefender Site Spreads Trio of Malware Tools