Malware Monitor | February 5th, 2025

Welcome back to the Morphisec Malware Monitor!

Punxsutawney Phil said there would be 6 more weeks of winter, so we hope you haven’t packed away your warm socks and sweaters yet.

Industry Headline Scan

Meta Confirms WhatsApp Hack – Forbes

• ?As first reported by The Guardian, WhatsApp users have been targeted by a sophisticated spyware hack attack requiring no user interaction.
• Meta has confirmed that the hack “targeted several users including journalists and members of civil society.”
• It is believed that roughly 90 users were targeted across over 20 countries.

Shadow AI Creates New Headaches for Company IT Teams – Axios

• The world is running towards AI tools to make work more efficient, but many of these tools are being used without company approvals or guidelines.
• Recently, the Pentagon and US Navy have banned the use of the China-based AI model DeepSeek, as its open-source model and Chinese affiliations raise red flags.?

CAPTCHA Chaos: From X Threads to Telegram – Morphisec

• Morphisec researchers have discovered a malware campaign focused on defrauding cryptocurrency users on X (formerly Twitter).
• The attacks begin with impostors of popular crypto-influencers hijacking threads to funnel users toward phishing links, where users are directed toward Telegram groups where malware payloads are delivered.?

Morphisec Expert Insights

Earlier this week, Shmuel Uzan published a comprehensive guide to ValleyRAT, a multi-stage malware attributed to the Silver Fox Advanced Persistent Threat group.

Check out his comprehensive blog to see a complete attack chain with code snippets, screenshots, and tips to stay ahead of this highly dangerous malware.

Closing Notes

• If you haven’t yet, visit Morphisec.com to see our new web experience!
• Be sure to subscribe to the Morphisec Malware Monitor to get notified whenever we share more weekly headlines, insights, and data on dangerous ransomware attacks!