Verticals Targeted: Government, Diplomatic Organizations, Software Development
Regions Targeted: Indonesia, Taiwan, Hong Kong, Lebanon, Syria, Colombia, North Macedonia, Nepal, Serbia
Related Families: SharkLoader, Cobalt Strike
Executive Summary
Researchers have identified a previously undocumented malware loader named SharkLoader, used by an intrusion cluster tracked as StrikeShark to deploy Cobalt Strike Beacon against organizations across multiple countries and industries. To establish initial access, the campaign has exploited vulnerable internet-facing applications and used custom droppers disguised as legitimate software installers. Confirmed victims include government-related organizations, diplomatic entities, software development companies, and organizations in additional sectors spanning Asia, Europe, the Middle East, and Latin America.