Ursnif Trojan Uses Fileless Persistence and CAB for Stealthily Data Exfiltration
In addition to employing a fileless attack technique, the Ursnif Trojan has been using CAB files to compress harvested data before exfiltration in recent attacks, Cisco Talos security researchers reveal.