THE article discusses a newly discovered PureLogs info stealer campaign targeting enterprise environments, identified by FortiGuard Labs. This multi-stage attack leverages social engineering, sending deceptive emails disguised as urgent corporate purchase orders to employees. Upon interaction, victims are prompted to execute malicious scripts that initiate a fileless malware process utilizing Microsoft’s MsBuild.exe to evade detection.
The malware employs advanced techniques such as encrypted communications and memory-resident operations to harvest sensitive data, including hardware information, login credentials, and data from cryptocurrency wallets. To combat this threat, organizations are advised to enhance email filtering and host monitoring protocols.