[SANS ISC] Info-Stealer Using webhook.site to Exfiltrate Data

I published the following diary on isc.sans.edu: “Info-Stealer Using webhook.site to Exfiltrate Data”:

We have already reported multiple times that, when you offer an online (cloud) service, there is a good chance that it will be abused for malicious purposes. I spotted an info-stealer that exfiltrates data through webhook.site. Today, many Python scripts use Discord as a C2 communication channel. This time, it is something different that looks definitely less suspicious…
