Recent analysis from Dr.Web has revealed hackers actively targeting users with a malicious Chrome update that runs a backdoor on the target device, which then allows later malware attacks.
This phishing campaign is in the wild, with the hackers spreading malware after hacking different websites. They first gain admin access to the target websites and install malicious JavaScript code on the compromised pages.
When a visitor opens an infected page, it redirects the user to the phishing website. This site coaxes the visitor into downloading a fake Chrome browser update.
Since the phishing page looks legitimate, users click the download button and unknowingly download the backdoor.
Running the installer creates a folder in the %userappdata% directory containing files for the TeamViewer app. It then extracts two password-protected SFX archives. One of them holds a malicious msi.dll library, which aids in establishing the unauthorized connection to the target device. The second archive includes a script to bypass Microsoft AV detection.
This is the modus operandi in short.
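A defender can hunt for the layout described above, TeamViewer files dropped in a user profile folder next to an msi.dll, since the genuine Windows msi.dll lives in System32. The following is an added example, not code from Dr.Web or the original article; the executable name TeamViewer.exe, the folder names and the sample tree are assumptions constructed for illustration.

```python
import os
import tempfile
from pathlib import Path

# Assumption: the dropped TeamViewer binary keeps its usual name.
TEAMVIEWER_MARKERS = {"teamviewer.exe"}
# Named on the page as the malicious library.
SUSPECT_DLL = "msi.dll"


def find_suspect_dirs(root):
    """Return directories under root holding a TeamViewer binary beside msi.dll."""
    hits = []
    for dirpath, _dirnames, filenames in os.walk(root):
        # Windows file names are case-insensitive, so compare in lower case.
        names = {n.lower() for n in filenames}
        if SUSPECT_DLL in names and names & TEAMVIEWER_MARKERS:
            hits.append(Path(dirpath))
    return sorted(hits)


def build_sample_profile(base):
    """Create a constructed sample tree: one suspicious folder, two benign."""
    layout = {
        "AppData/Roaming/UpdSvc": ["TeamViewer.exe", "MSI.dll", "tv.ini"],
        "AppData/Roaming/Notes": ["notes.txt"],
        "AppData/Local/Tools": ["msi.dll"],  # DLL alone: not flagged by this rule
    }
    for rel, files in layout.items():
        folder = Path(base) / rel
        folder.mkdir(parents=True)
        for name in files:
            (folder / name).write_bytes(b"")


def demo():
    """Run the hunt over the constructed tree and return flagged folder names."""
    with tempfile.TemporaryDirectory() as base:
        build_sample_profile(base)
        return [p.name for p in find_suspect_dirs(base)]


if __name__ == "__main__":
    # On a Windows host, scan the real profile; elsewhere, use the sample tree.
    appdata = os.environ.get("APPDATA")
    results = find_suspect_dirs(appdata) if appdata else demo()
    for hit in results:
        print("review:", hit)
```

A hit is a lead for review rather than a verdict: check the DLL's signature and the folder's creation time before acting on it.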
Once the presence is consolidated, the hackers may then use the backdoor to deliver payloads such as keyloggers, infostealers or trojans for remote connection.
Presently, these attacks are targeted by location and browser. They particularly target users of the Chrome browser in the USA, UK, Canada, Australia, Israel, and Turkey.
So far, the hackers have compromised various WordPress CMS-based websites to spread the malware.
ISOEH is an organization that educates people interested in cyber security in ethical hacking.