Social engineering: MINEBRIDGE RAT embedded to look like job résumés. [Research Saturday]

Guest Deepen Desai joins Dave to talk about Zsaler’s research “Return of the MINEBRIDGE RAT With New TTPs and Social Engineering Lures.” In Jan 2021, Zscaler ThreatLabZ discovered new instances of the MINEBRIDGE remote-access Trojan (RAT) embedded in macro-based Word document files crafted to look like valid job resumes (CVs). Such lures are often used as social engineering schemes by threat actors.

MINEBRIDGE buries itself into the vulnerable remote desktop software TeamViewer, enabling the threat actor to take a wide array of remote follow-on actions such as spying on users or deploying additional malware.The use of social engineering tactics targeting security teams appears to be on an upward trend.

The research can be found here: