Sign up to save your podcasts
Or
Share Malvertising Campaign Leads to Info Stealers Hosted on Github
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Malvertising Campaign Leads to Info Stealers Hosted on Github
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by Senior Microsoft Security Researcher Kajhon Soyini to explore the Luma Stealer cryptocurrency mining campaign targeting individual computers as part of a large-scale malvertising campaign. They discuss the sophisticated attack chain, which includes DLLs, clipboard malware, process injection via Explorer.exe, and how this impacted nearly one million devices around the globe.
Kajhon explains how attackers use registry modifications, WMI event consumers, and obfuscation techniques like non-standard ports and reverse shells to maintain persistence and evade detection. The duo also covers Microsoft's defense efforts and the challenges of tracking down the origins of these attacks.
In this episode you’ll learn:
Some questions we ask:
Resources:
View Kajhon Soyini on LinkedIn
View Sherrod DeGrippo on LinkedIn
Connect with Sherrod and the team at RSAC
Related Microsoft Podcasts:
Afternoon Cyber Tea with Ann Johnson
The BlueHat Podcast
Uncovering Hidden Risks
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Get the latest threat intelligence insights and guidance at Microsoft Security Insider
The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.
View all episodes
By Microsoft
5
2121 ratings
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by Senior Microsoft Security Researcher Kajhon Soyini to explore the Luma Stealer cryptocurrency mining campaign targeting individual computers as part of a large-scale malvertising campaign. They discuss the sophisticated attack chain, which includes DLLs, clipboard malware, process injection via Explorer.exe, and how this impacted nearly one million devices around the globe.
Kajhon explains how attackers use registry modifications, WMI event consumers, and obfuscation techniques like non-standard ports and reverse shells to maintain persistence and evade detection. The duo also covers Microsoft's defense efforts and the challenges of tracking down the origins of these attacks.
In this episode you’ll learn:
Some questions we ask:
Resources:
View Kajhon Soyini on LinkedIn
View Sherrod DeGrippo on LinkedIn
Connect with Sherrod and the team at RSAC
Related Microsoft Podcasts:
Afternoon Cyber Tea with Ann Johnson
The BlueHat Podcast
Uncovering Hidden Risks
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Get the latest threat intelligence insights and guidance at Microsoft Security Insider
The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.
More shows like Microsoft Threat Intelligence Podcast
View all
Hacked
184 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
369 Listeners
Risky Business
374 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
637 Listeners
CyberWire Daily
1,016 Listeners
Smashing Security
322 Listeners
Click Here
416 Listeners
Darknet Diaries
8,000 Listeners
Cybersecurity Today
175 Listeners
Hacking Humans
314 Listeners
CISO Series Podcast
188 Listeners
Defense in Depth
73 Listeners
Cyber Security Headlines
134 Listeners
Risky Bulletin
44 Listeners
Hacker And The Fed
168 Listeners