CrowdStrike warns that hackers are adding malicious functionality to self-extracting SFX archives containing harmless honeypot files that can launch PowerShell. This simple trick allows attackers to plant backdoors on victims’ machines without raising an “alarm”. Let me remind you that we also wrote that Attackers target .NET Developers with Malicious NuGet Packages, and also that… Continue reading SFX Archives Can Sneakily Launch PowerShell
Tag: PowerShell
Qakbot Malware Applies New Distribution Methods
Today there is an arms race between cybercriminals and antimalware manufacturers. While some release a fix for an existing threat, others must develop new loopholes. Recently, cybersecurity experts noticed that many malware families were using OneNote attachments to infect their victims. Since OneNote is considered a robust application that Microsoft has developed for easy note-taking,… Continue reading Qakbot Malware Applies New Distribution Methods
New PowerShell Backdoor Masquerades as a Windows Update
Cybersecurity experts from SafeBreach have found a new, previously undocumented and “undetectable” PowerShell backdoor, which hackers actively use and has been used to attack at least 69 targets. Let me remind you that we also wrote that Germans Interested in the Situation in Ukraine Are Attacked by the PowerShell RAT Malware. The backdoor spreads through… Continue reading New PowerShell Backdoor Masquerades as a Windows Update