FluffyWolf Campaign Targets Corporate Infrastructure For Operations
A cluster of nefarious activity was identified and is being called Fluffy Wolf. The operators of the campaign primarily use phishing emails with password-protected archives that contain executables disguised as reports to infiltrate systems. When opened the archive and attachments allow the threat actors to spread tools like Remote Utilities Meta Stealer WarZone RAT and XMRig miner enabling remote access data theft and crypto mining as well as leveraging both legitimate software and malware-as-a-service to carry out attacks.