Palo Alto Networks Unit 42
Palo Alto Networks Unit 42 uncovered a Dark Gate malware campaign exploiting legitimate tools for distributing malware. Using Excel files, the malware leveraged public SMB shares to spread across North America, Europe, and Asia. DarkGate, a sophisticated RAT, is capable of various malicious activities, evading detection, and has been active since 2018. The surge in activity followed Qakbot infrastructure disruption and reached its peak with 2,000 samples in a single day, indicating a widespread and significant breach.
Source: https://securityaffairs.com/165723/malware/dark-gate-malware-uses-samba-file-shares.html
"id": "uni617071524",
"linkid": "unit42",
"type": "Breach",
"date": "7/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"