VEIL#DROP Malware Chain Uses Blogger Platform to Deliver PureLogs Stealer
7月 01, 2026
Malware / Cyber Attack
Cybersecurity researchers have flagged a new multi-stage malware delivery attack chain that uses social engineering and Blogger pages to deliver an information stealer called PureLogs . The activity has been codenamed VEIL#DROP by Securonix. It's suspected that the initial payloads are distributed either via spear-phishing or a drive-by compromise , which occurs when an unsuspecting user lands on a website (legitimate or otherwise) under the attacker's control. "The infection chain begins with a deceptively named JavaScript file masquerading as a document (e.g., transcript.pdf.js), which executes through Windows Script Host and launches PowerShell with execution policy bypasses enabled," researchers Akshay Gaikwad, Shikha Sangwan, and Aaron Beardslee said in a report shared with The Hacker News. At a high level, the PowerShell script is responsible for retrieving a next-stage payload hosted on Blogger ("htlwub00klocate.blogspot[.]com"), allowing the ...