SLUB Gets Rid of GitHub, Intensifies Slack Use
released on 2019-07-16 @ 01:32:14 PM
Four months ago, we exposed an attack that leveraged a previously unknown malware that Trend Micro named SLUB. The past iteration of SLUB spread from a unique watering hole website exploiting CVE-2018-8174, a VBScript engine vulnerability. It used GitHub and Slack as tools for communication between the malware and its controller.