Lunar Spider JS disguised as a tax form delivered an MSI that installed Brute Ratel and injected Latrodectus; credentials were stolen from LSASS/backups/browsers and data exfiltrated via rclone and FTP. #lunar_spider #brute_ratel #rclone https://bit.ly/3IITqgD
0
0
0
0