/003
Fluke Studios
YEAR:
2021
Qatar-based fashion label Fluke Studios makes trendy, high-quality apparel that's both comfy and practical. That releases limited-edition merchandise at different shopping points in different locations
INFO:
Fluke Studios creates unique one-of-a-kind, handcrafted garments produced from eco-friendly materials including repurposed leather and textiles. Their collection is known for its reliability and endurance thanks to the high quality of its individual pieces. In addition, they have special editions of their products that are only sold in selected locations, giving their customers a chance to feel like VIPs as they shop with Fluke Studios.
GOAL:
STYLE GUIDE
The attack operates through a multi-stage process involving file extraction, malicious shortcut execution, and script-based payload delivery. It establishes persistence via scheduled tasks and registry modifications to connect to attacker-controlled C2 servers, allowing for espionage activities such as data exfiltration. National Security Archive OCR of the Document | National Security Archive
threat group. While appearing to be a "crack" or updated version of the Lightworks video editing software, it is actually used as an initial access vector for multi-stage malware deployment. National Security Archive Incident Summary Threat Actor: LIGHTWORKS Crack.rar -UPD-
Malicious scripts (LNK, VBScript, PowerShell) for espionage. National Security Archive Malware Analysis (Infection Chain) The attack operates through a multi-stage process involving
Gamaredon Group (UAC-0010), associated with Russian-sponsored operations. Attack Vector: Spear-phishing emails delivering a weaponized RAR file. Target Payload: While appearing to be a "crack" or updated
"LIGHTWORKS Crack.rar" (often labeled with "-UPD-") is identified by cybersecurity analysts as a malicious dropper associated with the Gamaredon (UAC-0010)
