Global JS Malware Campaign Leveraging GHOSTYNETWORKS and OMEGATECH Hosting
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
In March 2026, hackers exploited GHOSTYNETWORKS and OMEGATECH to deploy a JavaScript backdoor via malspam targeting various sectors, including energy and finance. The operation involved sending malicious emails with ZIP or RAR attachments containing the malware. Organizations across multiple countries were affected, indicating a wide scope of impact. The infrastructure used is designed to evade detection and maintain persistence. This campaign highlights the ongoing threat posed by bulletproof hosting services in facilitating cybercrime. Current status indicates ongoing malspam activity without immediate remediation steps reported.
Key Points: • Hackers used GHOSTYNETWORKS and OMEGATECH for a large-scale JS malware campaign. • Malicious emails delivered a JavaScript backdoor to critical sectors like energy and finance. • The operation's infrastructure is designed to evade detection and sustain long-term attacks.