Click, Install, Compromised: The New Wave of Zoom-Themed Attacks
Source: Socprime
Published:
<p>Threat actors are exploiting fake Zoom meeting invitations to deliver a malicious VBS downloader that installs ConnectWise ScreenConnect, a legitimate remote access application. The VBS payload downloads the ScreenConnect MSI from attacker-controlled infrastructure and launches it from the victim