A new malware threat named Squirrelwaffle has emerged in the wild, supporting actors with an initial foothold and a way to drop malware onto compromised systems and networks.
The new malware tool spreads via spam campaigns dropping Qakbot and Cobalt Strike in the most recent campaigns. Discovered by researchers at Cisco Talos, Squirrelwaffle is one of the tools that emerged as an Emotet replacement shortly after the law enforcement disruption on the widely used botnet. This new threat first appeared in September 2021, with distribution volumes peaking at the end of that month. While the spam campaign primarily uses stolen reply-chain email campaigns in English, the threat actors also utilize French, German, Dutch, and Polish emails.
Source: bleepingcomputer.com