SocGholish Malware Spread via Ad Tools; Delivers Access to LockBit,...

7.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

...

AI Analysis

SocGholish is a JavaScript loader malware distributed through compromised websites, often disguised as software updates. It is used by multiple cybercriminal groups to gain initial access to systems, which are then sold to other organizations.

Visit Original Source

Basic Information

ID THN:AC4C3FA038B5261D22D8E00BD8889587

Published Aug 7, 2025 at 18:26

Modified Aug 7, 2025 at 18:27

AI Assessment

AI Severity Critical

Vendor TA569 (Threat Actor)

Product SocGholish

Version Unspecified

{
    "lastseen": "2025-08-07T19:07:20",
    "description": "...",
    "published": "2025-08-07T18:26:00",
    "modified": "2025-08-07T18:27:04",
    "type": "thn",
    "title": "SocGholish Malware Spread via Ad Tools; Delivers Access to LockBit, Evil Corp, and Others",
    "source": "",
    "references": "",
    "id": "THN:AC4C3FA038B5261D22D8E00BD8889587",
    "bulletinFamily": "info",
    "cwe": null,
    "cvelist": [
        "CVE-2024-38196"
    ],
    "sourceData": "",
    "sourceHref": "",
    "cvss": {
        "score": 7.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "https://thehackernews.com/2025/08/socgholish-malware-spread-via-ad-tools.html",
    "category_name": "News",
    "post_link": "",
    "product": "",
    "version": "",
    "vendor": "",
    "ai_description": "SocGholish is a JavaScript loader malware distributed through compromised websites, often disguised as software updates. It is used by multiple cybercriminal groups to gain initial access to systems, which are then sold to other organizations.",
    "ai_severity": "Critical",
    "ai_vendor": "TA569 (Threat Actor)",
    "ai_product": "SocGholish",
    "ai_version": "Unspecified",
    "ai_score": 0
}

SocGholish Malware Spread via Ad Tools; Delivers Access to LockBit, Evil Corp, and Others_THN:AC4C3FA038B5261D22D8E00BD8889587

Description

AI Analysis

Basic Information

AI Assessment

💭 Join the Security Discussion ❌ Cancel Reply