Threat Intelligence Report

Operation MoneyMount-ISO — Deploying Phantom Stealer via ISO-Mounted Executables | Seqrite

📅 December 13, 2025 📰 www.seqrite.com 🔍 0 CVE(s) referenced

A sophisticated Russian phishing campaign is targeting finance-related sectors with payment-themed emails that deliver the Phantom Stealer malware via ISO-mounted executables, enabling extensive credential, crypto wallet, and sensitive data theft while evading detection through advanced anti-analysis and multi-channel exfiltration tactics.

vendor

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle