https://feed.craftedsignal.io/vendors/acronis/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioFri, 01 May 2026 08:41:57 +0000https://feed.craftedsignal.io/briefs/2026-05-huggingface-clawhub-malware/Fri, 01 May 2026 08:41:57 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-05-huggingface-clawhub-malware/Threat actors are using social engineering to distribute malware via AI distribution platforms such as Hugging Face and ClawHub by tricking users into downloading malicious files, which leads to malware infections on Windows, macOS, Linux, and Android systems.Threat actors are leveraging AI distribution platforms like Hugging Face and ClawHub to distribute malware. This involves social engineering tactics to deceive users into downloading files that contain malicious code. Instead of directly compromising AI agents, the attackers abuse user trust by injecting indirect prompts into resources that the AI accesses. Acronis reported that on ClawHub, nearly 600 malicious skills across 13 developer accounts were identified distributing trojans, cryptominers, and information stealers targeting both Windows and macOS. On Hugging Face, attackers created repositories hosting malicious files designed to stage multi-step infection chains leading to infostealers, trojans, malware loaders, and other types of malware targeting Windows, Linux, and Android. This tactic allows attackers to bypass traditional security measures and leverage the platforms’ reputation for trusted AI tooling.

Attack Chain

1. Attacker creates a malicious repository or skill on Hugging Face or ClawHub.
2. The repository or skill contains files that appear legitimate but include malicious code.
3. The attacker uses social engineering to entice users to download the files.
4. Upon execution, the malicious code fetches additional payloads from external sources.
5. For macOS, the payload can be Atomic macOS Stealer (AMOS) Stealer.
6. The downloaded payload executes commands to install hidden dependencies.
7. The malware establishes persistence on the victim’s system.
8. The malware performs its intended malicious actions, such as stealing information or mining cryptocurrency.

Impact

Successful attacks can lead to the installation of various types of malware, including infostealers, trojans, cryptominers, and malware loaders. The targeted platforms include Windows, macOS, Linux, and Android, potentially impacting a wide range of users and systems. The abuse of trust in AI distribution platforms poses a significant risk, as users may be less likely to scrutinize files from these sources. Acronis identified close to 600 malicious skills on ClawHub alone, indicating the scale of this threat.

Recommendation

• Monitor process creation events for execution of downloaded files from Hugging Face or ClawHub with unusual parent processes using the “Detect Suspicious Process Execution from AI Platforms” Sigma rule.
• Implement network monitoring to detect connections to known malicious domains or IPs associated with malware distribution campaigns that originate from processes associated with AI platform tooling.
• Educate users about the risks of downloading files from untrusted sources, even on trusted platforms like Hugging Face and ClawHub.
• Regularly scan systems for known malware signatures and indicators of compromise associated with infostealers and trojans.

]]>highadvisorymalwaresocial-engineeringai-platformshttps://feed.craftedsignal.io/briefs/2026-05-acronis-privesc/Thu, 30 Apr 2026 10:19:14 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-05-acronis-privesc/Multiple vulnerabilities in Acronis Cyber Protect Cloud Agent can be exploited by a local or remote, authenticated attacker to escalate privileges.Multiple vulnerabilities exist within the Acronis Cyber Protect Cloud Agent that could allow an authenticated attacker, either locally or remotely, to escalate their privileges. The vulnerabilities are within the core functionality of the Acronis agent, and successful exploitation could lead to elevated access within the target system. The advisory does not specify the exact nature of the vulnerabilities, but the potential impact of privilege escalation is significant for defenders, as it allows attackers to perform actions they would normally be restricted from doing, such as installing software, modifying data, and accessing sensitive information.

Attack Chain

1. An attacker gains initial access to a system with a valid, but low-privileged, account. This could be achieved through phishing, compromised credentials, or other means.
2. The attacker identifies a vulnerable version of the Acronis Cyber Protect Cloud Agent running on the system.
3. The attacker leverages one of the unspecified vulnerabilities within the Acronis agent through local interaction with the Acronis agent service.
4. Successful exploitation of the vulnerability allows the attacker to bypass access controls and execute code with elevated privileges.
5. The attacker uses their newly acquired privileges to install malicious software, such as a keylogger or remote access trojan.
6. The attacker uses their privileges to access sensitive data, such as user credentials, financial records, or intellectual property.
7. The attacker establishes persistence on the system by creating a new privileged account or modifying existing system configurations.
8. The attacker uses the compromised system as a pivot point to further compromise other systems within the network.

Impact

Successful exploitation of these vulnerabilities could allow attackers to gain complete control over affected systems. The number of potential victims is widespread, as Acronis Cyber Protect Cloud Agent is used by numerous organizations for data protection and backup purposes. If an attacker successfully escalates privileges, they can steal sensitive data, install malware, disrupt critical services, and compromise the entire network. The consequences could include significant financial losses, reputational damage, and legal liabilities.

Recommendation

• Monitor for suspicious processes spawned by the Acronis Cyber Protect Cloud Agent that do not align with normal activity.
• Implement the Sigma rule SuspiciousAcronisChildProcess to detect unusual child processes spawned by the Acronis agent.
• Investigate any unauthorized modifications to system configurations or user accounts, particularly those performed by the Acronis Cyber Protect Cloud Agent using the RegistryModificationByAcronis Sigma rule.
• Apply the latest patches and updates to Acronis Cyber Protect Cloud Agent as soon as they become available from the vendor.

]]>highadvisoryprivilege-escalationacronisagenthttps://feed.craftedsignal.io/briefs/2024-09-msiexec-persistence/Thu, 05 Sep 2024 14:17:05 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2024-09-msiexec-persistence/Adversaries may establish persistence by abusing the Windows Installer (msiexec.exe) to create scheduled tasks or modify registry run keys, allowing for malicious code execution upon system startup or user logon.The Windows Installer (msiexec.exe) is a legitimate system tool used for installing, updating, and removing software on Windows systems. Adversaries can abuse msiexec.exe to establish persistence mechanisms by creating malicious scheduled tasks or modifying registry run keys. This allows them to execute arbitrary code during system startup or user logon. This technique is attractive to attackers due to msiexec.exe being a trusted Windows binary, potentially evading detection by security solutions that focus on flagging unknown or suspicious processes. The use of msiexec.exe for persistence can be difficult to detect without specific monitoring rules, as it is a common and legitimate system process. This activity can be observed across various Windows versions and is frequently integrated into automated attack frameworks and scripts.

Attack Chain

1. An attacker gains initial access to a compromised system, potentially through phishing, exploitation of a vulnerability, or stolen credentials.
2. The attacker leverages msiexec.exe to create a new scheduled task using the schtasks.exe command, setting it to execute a malicious script or binary.
3. Alternatively, the attacker uses msiexec.exe in conjunction with reg.exe or PowerShell to modify registry keys under HKLM\Software\Microsoft\Windows\CurrentVersion\Run or HKCU\Software\Microsoft\Windows\CurrentVersion\Run, adding a pointer to their malicious executable.
4. The created scheduled task or registry entry points to a malicious payload, such as a reverse shell or a downloader.
5. The system is restarted, or the user logs on, triggering the execution of the newly created scheduled task or the malicious binary through the modified registry run key.
6. The malicious payload executes, establishing a persistent foothold for the attacker on the compromised system.
7. The attacker can now perform further actions, such as data exfiltration, lateral movement, or deployment of ransomware.

Impact

Successful exploitation allows the adversary to maintain persistent access to the compromised system. This can lead to data theft, system compromise, deployment of ransomware, or use of the system as a staging point for further attacks within the network. A single compromised system can be used to pivot and compromise additional systems, leading to a widespread security breach. The impact can include financial losses, reputational damage, and disruption of business operations.

Recommendation

• Monitor process creation events for msiexec.exe spawning schtasks.exe or reg.exe to create scheduled tasks or modify registry run keys (reference: rules in this brief).
• Implement and tune the Sigma rules provided in this brief to detect suspicious msiexec.exe activity related to persistence mechanisms.
• Review and audit existing scheduled tasks and registry run keys for any suspicious entries or anomalies.
• Enable file integrity monitoring (FIM) on critical system directories, including the Windows Task Scheduler directory and registry run key locations (reference: event.category == “file” and file.path … and event.category == “registry” and registry.path … in the rule query).
• Implement application control policies to restrict the execution of unauthorized or unknown executables (reference: rule query).

]]>mediumadvisorypersistencedefense-evasionwindows