| Aspect | Details |
|---|---|
| Threat Actors | RomCom, suspected ties to Russia, also known as Tropical Scorpius, Storm-0978, or UNC2596. |
| Campaign Overview | Exploited zero-day vulnerabilities (CVE-2024-9680 & CVE-2024-49039) to deploy RomCom backdoor via zero-click exploits. |
| Target Regions (Or Victims) | Primarily Europe and North America, with up to 250 affected targets between October 10 – November 4, 2024. |
| Methodology | Fake domains, zero-click exploits, privilege escalation, and stealthy redirection via malicious websites. |
| Product Targeted | Mozilla Firefox, Thunderbird, Tor browsers, and Microsoft Windows Task Scheduler. |
| Malware Reference | RomCom backdoor |
| Tools Used | Fake domains (e.g., redircorrectiv[.]com), Reflective DLL Injection, C2 servers like journalctd[.]live. |
| Vulnerabilities Exploited | CVE-2024-9680 (Use-After-Free in Firefox), CVE-2024-49039 (Elevation of Privilege in Windows Task Scheduler). |
| TTPs | Phishing domains, zero-click exploit chain, DLL injection, and system compromise via backdoor. |
| Attribution | RomCom threat group, suspected Russian ties. |
| Recommendations | Monitor for IOCs, use SOCRadar’s Vulnerability Intelligence to track CVEs, and implement Brand Protection for domain detection. |
| Source | SOCRadar |
RomCom Backdoor Attacks Use Zero-Day Exploits in Mozilla and Windows (CVE-2024-9680 & CVE-2024-49039)
Share:
London, GB
2:07 am,
Jan 18, 2025
3°C
L: 2° |
H: 4°
Feels like 1°C°
overcast clouds
Daily ForecastHourly Forecast
Today
9:00 pm
2° | 4°°C
0 mm
0%
4 mph
92 %
1032 mb
0 mm/h
Tomorrow
9:00 pm
1° | 5°°C
0 mm
0%
7 mph
91 %
1023 mb
0 mm/h
Mon Jan 20
9:00 pm
2° | 6°°C
0 mm
0%
4 mph
97 %
1020 mb
0 mm/h
Tue Jan 21
9:00 pm
4° | 7°°C
0 mm
0%
5 mph
97 %
1019 mb
0 mm/h
Wed Jan 22
9:00 pm
4° | 8°°C
0.2 mm
20%
9 mph
97 %
1013 mb
0 mm/h
Today
3:00 am
2° | 3°°C
0 mm
0%
2 mph
87 %
1032 mb
0 mm/h
Today
6:00 am
1° | 3°°C
0 mm
0%
1 mph
90 %
1032 mb
0 mm/h
Today
9:00 am
2° | 2°°C
0 mm
0%
2 mph
90 %
1031 mb
0 mm/h
Today
12:00 pm
5° | 5°°C
0 mm
0%
3 mph
71 %
1030 mb
0 mm/h
Today
3:00 pm
6° | 6°°C
0 mm
0%
3 mph
65 %
1027 mb
0 mm/h
Today
6:00 pm
4° | 4°°C
0 mm
0%
4 mph
86 %
1026 mb
0 mm/h
Today
9:00 pm
3° | 3°°C
0 mm
0%
4 mph
92 %
1025 mb
0 mm/h
Tomorrow
12:00 am
2° | 2°°C
0 mm
0%
3 mph
85 %
1023 mb
0 mm/h
| Name | Price | 24H (%) |
|---|---|---|
 Bitcoin(BTC) | €101,536.74 | 2.52% |
 Ethereum(ETH) | €3,374.52 | 2.39% |
 XRP(XRP) | €3.16 | -1.31% |
 Tether(USDT) | €0.97 | 0.06% |
 Solana(SOL) | €212.98 | 1.95% |
 Dogecoin(DOGE) | €0.413332 | 10.17% |
 USDC(USDC) | €0.97 | -0.01% |
 Shiba Inu(SHIB) | €0.000023 | 7.89% |
 Pepe(PEPE) | €0.000019 | 9.08% |
 Peanut the Squirrel(PNUT) | €0.65 | 8.85% |
