QSC: new modular framework in CloudComputating campaigns
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
Kaspersky researchers discovered QSC, a multi-plugin malware framework used by the CloudComputating group in cyber espionage campaigns. QSC consists of a Loader, Core module, Network module, File Manager module, and Command Shell module, allowing attackers to load specific plugins on demand. The framework was deployed alongside a new Golang-based backdoor called GoClient. Attackers used stolen domain admin credentials to move laterally and deploy QSC on other machines within compromised networks. The campaigns targeted telecommunication companies in South and West Asia, with attackers collecting system information, accessing domain controllers, and exfiltrating sensitive data.
OPENCTI LABELS :
lateral movement,quarian backdoor,qsc framework,goclient backdoor
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
QSC: new modular framework in CloudComputating campaigns