
Hackers Abuse EdgeUpdate and GoogleUpdater to Deploy TimbreStealer Infostealer
A targeted campaign deploying the TimbreStealer infostealer by abusing legitimate updater binaries EdgeUpdate (msedgeupdate) and GoogleUpdater (goopdate) via DLL side-loading. Researchers Euler Neto and Cristóbal Tárraga tracked the intrusion set to phishing lures that deliver ZIP archives hosted on DigitalOcean IPs; victims appear to be primarily companies in Mexico, using invoicing-themed names (CONTENIDO, COMPROBANTES, CFDI) […]
The post Hackers Abuse EdgeUpdate and GoogleUpdater to Deploy TimbreStealer Infostealer appeared first on Cyber Security News.