ShellCodeX
Tools • Events • News • Insights
ShellCodeX Intelligence Brief
HIGH Cybersecurity

Veil#Drop campaigns use Blogspot and PowerShell to deliver PureLog

Source headline: Blogspot-Hosted Payloads Delivered in ‘Veil#Drop’ Attacks

Threat level High
Signal strength 75/100
Source confidence 1 source
Published 1 week ago

Intelligence Summary

Securonix reports that Veil#Drop uses compromised web resources hosted on Blogspot to stage payloads. The activity chains PowerShell and fileless techniques to reduce the chances of detection. Victims are ultimately exposed to the PureLog information stealer. The campaign’s reliance on legitimate hosting and evasive execution increases the difficulty of identifying malicious behavior. Organizations should review detections for suspicious PowerShell behavior and anomalies tied to external web staging.

Recommended Action

Review affected assets, schedule urgent remediation, and monitor related indicators.

Topics

#information-stealer #blogspot #fileless #powershell #veil-drop
Original reporting SecurityWeek Blogspot-Hosted Payloads Delivered in ‘Veil#Drop’ Attacks
Open original source