1. Forum
  2. FidoNet
  3. CONSPRCY

  • This top security platfor

    From Mike Powell@1:2320/105 to All on Wed Jul 9 08:47:00 2025
    This top security platform is being hacked to carry out malware threats

    Date:
    Tue, 08 Jul 2025 16:04:00 +0000

    Description:
    A patch should have now made future attacks using Shellter Elite impossible.

    FULL STORY

    A popular commercial pentesting tool was being abused for months in malware delivery campaigns, thanks to a reckless, or possibly even malicious,
    customer.

    Security researchers from Elastic Security Labs found threat actors abusing Shellter Elite, the premium version of SHELLTER, to deploy infostealers and bypass modern antivirus and EDR defenses.

    Elastic Security Labs is observing multiple campaigns that appear to be leveraging the commercial AV/EDR evasion framework, SHELLTER, to load
    malware, the researchers said in their report .

    "Reckless and unprofessional"

    Shellter was originally designed for ethical red team operations, to be used for penetration testing. To obtain a copy, a company must reach out to
    Shellter and purchase a license. One of the clients seems to have leaked a
    copy of Shellter Elite v11.0, which was later picked up by malicious actors
    and abused in the wild.

    This was subsequently confirmed by the Shellter Project, the tools vendor,
    who also slammed Elastic for keeping the knowledge about abuse a secret.

    Elastic Security Labs chose to act in a manner we consider both reckless and unprofessional. They were aware of the issue for several months but failed to notify us. Instead of collaborating to mitigate the threat, they opted to withhold the information in order to publish a surprise exposprioritizing publicity over public safety, the vendor said.

    Once the cat was out of the bag, Shellter Project was able to do two key things: identify the (potentially) malicious company that leaked the tool and release a patch that would prevent future abuse. They also said a patch was
    in the pipeline already, and that they were lucky not to have released it sooner.

    Due to this lack of communication, it was sheer luck that the implicated customer did not gain access to our upcoming release. Had we not postponed
    the launch for unrelated personal reasons, they would have received a new version with enhanced runtime evasion capabilitieseven against Elastics own detection mechanisms.

    The newest Elite version 11.1 will only be distributed to vetted customers, excluding the leaker.

    Via BleepingComputer

    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/this-top-security-platform-is-being-hac ked-to-carry-out-malware-threats

    $$
    --- SBBSecho 3.20-Linux
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)