Operation MoneyMount-ISO: Phantom Stealer Deployment via ISO cover art

Operation MoneyMount-ISO: Phantom Stealer Deployment via ISO

Operation MoneyMount-ISO: Phantom Stealer Deployment via ISO

Listen for free

View show details

About this listen

"Operation MoneyMount-ISO," an active cyber campaign originating from Russia that targets finance, accounting, and other related sectors through a sophisticated phishing scheme. The attack begins with a fake bank transfer confirmation email, written in formal Russian, which contains a malicious ZIP file leading to an ISO-mounted executable. This multi-stage infection ultimately deploys the Phantom Stealer malware, a potent information-stealing payload. Seqrite Labs’ research explains the malware’s capabilities, including extensive anti-analysis features, credential harvesting from browsers and crypto wallets, keylogging, clipboard monitoring, and data exfiltration via platforms like Telegram, Discord, and FTP. The operation is noted for its use of ISO mounting to bypass traditional email security controls, reflecting an increasing trend toward more complex initial access techniques for financially motivated cybercrime.
No reviews yet
In the spirit of reconciliation, Audible acknowledges the Traditional Custodians of country throughout Australia and their connections to land, sea and community. We pay our respect to their elders past and present and extend that respect to all Aboriginal and Torres Strait Islander peoples today.