Void Banshee Group Using Patched Zero-Day to Execute Infostealer

July 16, 2024 | APT group Void Banshee is exploiting a recently patched zero-day (CVE-2024-38112) to deploy the Atlantida infostealer. The attack uses a disabled Internet Explorer (IE) browser via MHTML to steal passwords and cookies.

Trend Micro reported Void Banshee spreads malicious files disguised as book PDFs on cloud-sharing sites, Discord, and online libraries. Callie Guenther of Critical Start highlights the vulnerability’s risk due to slow patch adoption and legacy systems.

[Read the full article]

Newsletter Signup

Stay up-to-date on the latest resources and news from CRITICALSTART.