Tags
Malware
Incidents
BrazenBamboo Weaponizes FortiClient Vulnerability to Steal Credentials
References
https://malpedia.caad.fkie.fraunhofer.de/actor/brazenbamboohttps://www.volexity.com/blog/2024/11/15/brazenbamboo-weaponizes-forticlient-vulnerability-to-steal-vpn-credentials-via-deepdata/
Last edited
Feb 19, 2025 2:28 PM
DEEPPOST is a post-exploitation data exfiltration tool developed by the Chinese state-affiliated threat actor known as BrazenBamboo. It is designed to facilitate the unauthorized transfer of files from compromised systems to remote endpoints, often used in conjunction with other malware such as DEEPDATA and LIGHTSPY to enhance cyber espionage operations. DEEPPOST enables attackers to efficiently extract sensitive information, including system logs, captured credentials, and user activity records