1
Threat Overview
Nimbus Manticore threat actors accelerated cyberattacks during wartime, using AI-assisted malware delivered through fake Zoom installers and SEO poisoning. The victims are unknown.
2
Key Intelligence Points
1. Nimbus Manticore uses AI-assisted malware and fake Zoom installers to spread malware.
2. The attack targets unknown victims, with a focus on wartime operations.
3. The threat actors employ SEO poisoning to distribute malware.
4. Detection opportunities include monitoring for suspicious Zoom installer downloads and unusual SEO activity.
3
MITRE ATT&CK Techniques
T1194 Spearphishing via Website
T1598.001 Phishing for Information via Fake Software Installer
4
Mitigation & Detection
Implement strict software installation policies and monitor SEO activity for suspicious patterns to prevent Nimbus Manticore malware distribution.