Advertisement
An unknown threat actor has been observed targeting the U.S. aerospace industry with a new PowerShell-based malware called PowerDrop.
“PowerDrop uses advanced techniques to evade detection such as deception, encoding, and encryption,” according to Adlumin, which found the malware implanted in an unnamed domestic aerospace defense contractor in May 2023.
“The name is derived from the tool, Windows PowerShell, used to concoct the script, and ‘Drop’ from the DROP (DRP) string used in the code for padding.”