EncryptHub Abuses Brave Support in new Campaign Exploiting- MSC Eviltwin Flaw
The SpiderLabs Research team recently observed an EncryptHub campaign that combines social engineering and the exploitation of the Microsoft Management Console (MMC): CVE-2025-26633. This vulnerability, dubbed MSC EvilTwin, allows the attacker to execute malicious .msc files. While the tactics observed align with previously reported methods, deeper investigations uncovered additional new tools used in EncryptHub campaigns. These activities are part of a broad, ongoing wave of malicious activity that blends social engineering with technical exploitation to bypass security defenses and gain control over internal environments.
EncryptHub (aka LARVA-208/Water Gamayun) is known for attacks targeting Web3 developers and abusing platforms like Steam. By February, at least 618 organizations worldwide had been compromised.
To read the complete article see: