Hackers Exploiting Ivanti VPN Flaws to Deploy KrustyLoader Malware

Hackers are reportedly exploiting security vulnerabilities discovered in Ivanti Connect Secure (ICS) Virtual Private Network (VPN) devices. The vulnerabilities, identified as CVE-2023-46805 (CVSS score: 8.2) and CVE-2024-21887 (CVSS score: 9.1), are being leveraged to deploy the KrustyLoader malware, which delivers a Rust-based payload used to drop the open-source Sliver adversary simulation tool. The development is a strong reminder of the increasing sophistication and persistence of threat actors, who continually look for system flaws to exploit for disruptive and potentially damaging purposes.

Published: Wed, 31 Jan 2024 12:53:00 +0530