ShotBird Malware Campaign: Browser Extension Compromise and Host Malware Delivery

Severity: Low (Score: 33.4)

Sources: Reddit

Summary

The ShotBird campaign involves a supply-chain compromise of a Chrome extension that led to malware delivery on user endpoints. Victims are primarily users of the affected browser extension, which delivered a PowerShell stager to facilitate further attacks. The malware was propagated through fake updates.

Key Entities

  • Malware (attack_type)
  • Supply Chain Attack (attack_type)
  • ShotBird Campaign (campaign)
  • ShotBird (malware)
  • T1059.001 - PowerShell (mitre_attack)
  • T1195 - Supply Chain Compromise (mitre_attack)
  • PowerShell (tool)