Who is PhantomControl?

PhantomControl is a threat actor. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does PhantomControl exploit?

Specific CVE exploitation data for PhantomControl is being tracked. Check the Strobes VI threat actor profile for updates.

PhantomControl

Exploited CVEs

Overview

PhantomControl is a sophisticated threat actor that emerged in November 2023. They utilize phishing emails as their initial infection vector and employ a ScreenConnect client to establish a connection for their malicious activities. Their arsenal includes a VBS script that hides its true intentions and reveals a complex mechanism involving PowerShell scripts and image-based data retrieval. PhantomControl has been associated with the Blind Eagle threat actors, showcasing their versatility and reach.

Exploited Vulnerabilities

No exploited CVEs have been attributed to this threat actor yet.

Browse CVE Database