Between August and October 2025, a phishing campaign exploited social engineering tactics to deceive victims into downloading malware disguised as judicial documents. The campaign utilized emails with SVG attachments that directed users to download a password-protected ZIP file containing a malicious executable, which has been identified as PureHVNC.
This malware employs advanced evasion techniques, including DLL side-loading and process manipulation to avoid detection. By harnessing legitimate Windows functionalities, it ensures prolonged access and stealth within the targeted systems. As this infection mechanism illustrates, judicial and legal themes effectively serve as vectors for cybercriminal exploitation, especially within Latin American government sectors, showcasing the evolving landscape of cyber threats and the need for enhanced security awareness.
👉 Pročitaj original: Cyber Security News
