GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data
Summary
Researchers have identified a new variant of the GlassWorm campaign that employs Solana blockchain 'dead drops' to distribute a multi-stage malware framework. This framework includes a remote access trojan (RAT) and an information-stealing Google Chrome extension designed to mimic Google Docs.
IFF Assessment
FOE
The GlassWorm malware's advanced capabilities for data theft and RAT deployment pose a significant threat to users and organizations.
Defender Context
Defenders should be aware of this evolving GlassWorm campaign, particularly its use of novel dead drop techniques on blockchain networks like Solana. Vigilance against sophisticated information stealers, especially those masquerading as legitimate tools like Google Docs extensions, is crucial.