Malware Threat: JsOutProx
FortiGuard Labs discovered an interesting spearphishing attack that we decided to investigate further, which led us to identify a newly updated JsOutProx campaign.
The tactics, techniques, and procedures (TTPS) of the attackers behind JsOutprox appear to be the work of a sophisticated threat actor. This seems evident due to the time and effort the attackers have taken to create this RAT, as well as the series of recent updates that have made it much more powerful. The actors also use specially crafted social engineering campaigns leveraging specific technical jargon pertaining to the verticals being targeted.
For more information on the TTPs used by JsOutProx, read the blog listed in the appendix and go to our Playbook Viewer and select JsOutProx from the menu.