QSC: A multi-plugin framework used by CloudComputating group in cyberespionage campaigns

"In 2021, we began to investigate an attack on the telecom industry in South Asia. During the investigation, we discovered QSC: a multi-plugin malware framework that loads and runs plugins (modules) in memory. The framework includes a Loader, a Core module, a Network module, a Command Shell module and a File Manager module. It is dropped either as a standalone executable or as a payload file along with a loader DLL. In this post, we describe each component of the framework as well as its recent activity including a deployment scenario, an additional backdoor, post-compromise activity and a link to the CloudComputating group."

See more: https://securelist.com/cloudcomputating-qsc-framework/114438/

#cybersecurity #cyberespionage