New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks
Summary
A new malware family named SharkLoader has been identified and is being used to deploy Cobalt Strike Beacon in cyberattack campaigns. Kaspersky tracks this activity under the name StrikeShark and has observed it targeting diplomatic and government organizations in Indonesia and Taiwan.
IFF Assessment
The discovery of new malware and an active campaign deploying powerful post-exploitation tools like Cobalt Strike poses a direct threat to defenders.
Defender Context
Defenders need to be aware of SharkLoader and its capabilities for delivering Cobalt Strike, as this indicates a sophisticated and ongoing threat campaign. Monitoring for indicators of compromise associated with StrikeShark and ensuring robust endpoint detection and response are crucial to mitigating this threat.