Attack Trends Related to DangerousPassword
ID: bfc8f9c3-eae0-5e73-9329-2a6c1f31b666
STIX ID: report--bfc8f9c3-eae0-5e73-9329-2a6c1f31b666
Feed Name: JPCERT Blog
JPCERT/CC documents ongoing DangerousPassword APT attacks against cryptocurrency exchanges using varied social-engineering and file-delivery techniques (CHM via LinkedIn, OneNote with embedded MSI, VHD files, and macOS AppleScript). The malware family deploys MSI/DLL payloads that collect host information and exfiltrate it via HTTP POST, and it implements AV-detection and evasion behaviors. The report supplies C2 domains/IPs and numerous malware hashes for detection and response.
