Recent StrelaStealer activity continues leveraging WebDAV servers to distribute malware. Since late January 2025, decoy PDF files have been observed during the infection process. The WebDAV and C2 server at 193.143.1[.]205 remains active, hosting both the decoy PDF and StrelaStealer malware as of February 10, 2025....