TTPwire Vol. 1 · MITRE ATT&CK·Tagged

← All stories

GBHackers

Silver Fox Uses Fake Tax Notices to Drop ValleyRAT and ABCDoor Backdoor

Mayura Kathir · 22 hours ago · Read original ↗

ATT&CK techniques detected

3 predictions
T1566.002Spearphishing Link
80%
“silver fox uses fake tax notices to drop valleyrat and abcdoor backdoor silver fox is running a tax ‑ themed phishing campaign that abuses fake notices from indian and russian tax authorities to drop valleyrat and a new python backdoor dubbed abcdoor, using a customized rustsl lo…”
T1204.002Malicious File
61%
“asia and expanding operations in south asia. silver fox uses fake tax notices during this campaign, analysts identified a new valleyrat plugin that acts as a loader for a previously undocumented python backdoor named abcdoor. the emails used two main delivery patterns : direct at…”
T1566.001Spearphishing Attachment
31%
“asia and expanding operations in south asia. silver fox uses fake tax notices during this campaign, analysts identified a new valleyrat plugin that acts as a loader for a previously undocumented python backdoor named abcdoor. the emails used two main delivery patterns : direct at…”

Summary

Silver Fox is running a tax‑themed phishing campaign that abuses fake notices from Indian and Russian tax authorities to drop ValleyRAT and a new Python backdoor dubbed ABCDoor, using a customized RustSL loader to evade detection and enforce strict geofencing controls. The campaign shows how the group is steadily evolving from commodity RAT delivery to […]

The post Silver Fox Uses Fake Tax Notices to Drop ValleyRAT and ABCDoor Backdoor appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.