Lokibot Exploits Word Document Vulnerabilities to Propagate
Lokibot Exploits Word Document Vulnerabilities to Propagate
14 July 2023
FortiGuard Labs claimed to have found several Office maldocs purposed to exploit known vulnerabilities, specifically CVE-2021-40444 and CVE-2022-30190 (Follina). Researchers noted that the version of Lokibot used in the campaign includes MD5 hash. This version of Lokibot info-stealer seems to have appeared first in March.