The attackers have been using phishing emails that contain a link to a Google Drive or Dropbox file, which, when clicked, downloads the malicious Python script.
A new cyber attack campaign has been discovered by security researchers at Securonix, targeting organisations using a Python-based malware called PY#RATION.
Recommended ArticlesView All
Biggest casualty of ending LTCG regime is not debt funds but the debt market
Mar 25, 2023 IST6 Min(s) Read
US Fed rate hike — willing to hit but afraid to wound
Mar 25, 2023 IST4 Min(s) Read
Withering Weather: Experts see erratic rains to spell higher food prices and tougher inflation ahead
Mar 24, 2023 IST4 Min(s) Read
Decoding Finance Bill proposals for debt funds: What remains and what changes
Mar 24, 2023 IST3 Min(s) Read
According to the company, the malware exhibits remote access trojan (RAT) behaviour, allowing for control of and persistence on the affected host. As with other RATs, PY#RATION possesses a host of features and capabilities.
The attack campaign has been primarily targeting organisations in the healthcare and finance industries, but any organisation that uses Python-based systems is at risk. The attackers have been using phishing emails that contain a link to a Google Drive or Dropbox file, which, when clicked, downloads the malicious Python script.
The malware is delivered via phishing emails that contain a malicious Python script, which, when executed, allows the attackers to gain access to the victim's system and steal sensitive information.
The PY#RATION malware is capable of performing a variety of malicious actions, including exfiltrating data, keylogging, and taking screenshots. It also has the ability to evade detection by using encrypted communication channels and disguising itself as a legitimate Python process.
To protect against this attack campaign, organisations are advised to implement advanced threat detection and response solutions, as well as to educate their employees on how to recognize and avoid phishing emails. Additionally, organisations should regularly update and patch their systems to ensure that any vulnerabilities are addressed.
The cybersecurity community continues to monitor this situation and will provide updates as more information becomes available. It is important for organisations to stay vigilant and take proactive measures to protect themselves from this and other cyber threats.
Check out our in-depth Market Coverage, Business News & get real-time Stock Market Updates on CNBC-TV18. Also, Watch our channels CNBC-TV18, CNBC Awaaz and CNBC Bajar Live on-the-go!