Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks

A new phishing campaign, FLUX#CONSOLE, uses tax-themed lures to deliver a backdoor payload targeting Pakistan. The campaign leverages Microsoft Common Console Document (MSC) files to deploy a dual-purpose loader and dropper, retrieving a decoy file while loading a DLL file in the background. The main payload is a backdoor capable of establishing contact with a remote server and executing commands to exfiltrate data.