Volexity also tracks BrazenBamboo as the developer of other malware families, such as LIGHTSPY and DEEPPOST.
Volexity found the FortiClient plugin was included through a library with the filename msenvico.dll.
However, the issue remains unpatched to date, and no CVE has been assigned to it.
Volexitys analysis provides evidence that BrazenBamboo is a well-resourced threat actor who maintains multi-platform capabilities with operational longevity.
source: www.techworm.net
