The first wave of the campaign stopped on June 10, 2020. The attacker then resumed their campaign on June 11, 2020, spreading an upgraded version of the malware and wreaking havoc. The sample was compiled on Thursday, June 11, 2020 10:39:47 PM UTC and caught by Palo Alto Networks Next-Generation Firewall.

As organizations are challenged to secure endpoints that are now in employees’ homes, BeyondTrust Privilege Management for Windows and Mac allows them to secure user devices and limit privileges without hindering productivity or driving up calls to the service desk.