Cloud Atlas using a new backdoor, VBCloud, to steal data | Securelist

Cloud Atlas, a cyber threat group active since 2014, has been observed using a new toolset in its attacks. The toolset, which includes VBShower and PowerShower backdoors, is delivered via phishing emails containing malicious documents. VBShower and PowerShower are designed to collect system information, steal files, and facilitate further infiltration, including dictionary attacks and Kerberoasting.