By Ravie Lakshmanan
A malware-as-a-service (MaaS) dubbed Matanbuchus has been observed spreading through phishing campaigns, ultimately dropping the Cobalt Strike post-exploitation framework on compromised machines.
Matanbuchus, like other malware loaders such as BazarLoader, Bumblebee, and Colibri, is engineered to download and execute second-stage executables from command-and-control (C&C) servers on infected