National Cyber Warfare Foundation (NCWF)

Attackers Exfiltrate AnyDesk Configuration Data via Blat SMTP in Aerospace Phishing Campaign


0 user ratings
2026-07-07 11:15:09
milo
Red Team (CNA)

A targeted spear-phishing campaign that configures AnyDesk for silent, persistent remote access and exfiltrates its configuration using the Blat SMTP utility. The campaign uses an aerospace-themed invoice lure that impersonates the Russian research institute VNIIR via a freshly registered spoof domain (vniir-avia.space) and delivers a password-protected archive that, when opened, triggers a multi-stage dropper and […]


The post Attackers Exfiltrate AnyDesk Configuration Data via Blat SMTP in Aerospace Phishing Campaign appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.



Mayura Kathir

Source: gbHackers
Source Link: https://gbhackers.com/smtp-in-aerospace-phishing-campaign/


Comments
new comment
Nobody has commented yet. Will you be the first?
 
Forum
Red Team (CNA)



Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.