Hackers have found a new way to smuggle Malware onto your device

By Dr.Dang May 26, 2022, 5:03 p.m.

Organized cybercriminals, and hackers in particular, have engaged in a variety of crimes, including fraud, hacking, and <u>malware creation</u> and distribution. Last year, they delivered a wave of cyber attacks that were not just highly coordinated but far more advanced than any seen before. Simple endpoint attacks became complex, multi-stage operations.

As mentioned, malware delivered through a new trick has been used to hit both small businesses and huge corporations. Recent research showed that the actors send a "Remittance Invoice" by email, which gives the recipient hope that some cash will be paid into their account.

The email's apparent legitimacy rests on the PDF file posing as a Word or Excel document, which is entirely misleading. This has created fear among most customers, as they cannot trust their devices and accounts or do other business online. What's the secret? Let's see.

How hackers smuggle malware

"Has been verified": this is always a Word document that comes within the PDF. Victims, eager to open the attachment, are asked whether or not to open the second file. Nevertheless, "PDF, xlsx, docx files may contain programs, macros, or viruses." The samples above delude the unfortunate victims into believing that their PDF reader

Clicking the second file leads to a Rich Text Format (RTF) file being downloaded from a remote location. The malware involved is Snake Keylogger, described by BleepingComputer as a "modular info-stealer with powerful persistence, defense evasion, credential access, data harvesting, and data exfiltration capabilities".

For the attack to go through, the target endpoints need to be vulnerable to a specific flaw. Further research showed that the flaw, CVE-2017-11882, is a remote code execution bug in Equation Editor. The flaw was patched about five years ago, although that excludes devices that administrators have not kept updated. In 2018, most consumers were slow to patch it, leading to its popularity.
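A triage check for the first stage described above, a PDF that carries an embedded Office document, written here as an added example (not code from the article or the research it cites). The sample bytes, the attachment name, the list of flagged keys and the risk labels are all constructed assumptions.

```python
import re

# PDF names can hide letters as #xx hex escapes (/Embedded#46ile), so decode first.
def decode_name(raw: bytes) -> str:
    plain = re.sub(rb"#([0-9A-Fa-f]{2})", lambda m: bytes([int(m.group(1), 16)]), raw)
    return plain.decode("latin-1")

# Assumed watch list: keys for embedded files and for actions that run without a click.
AUTO_KEYS = {"/OpenAction", "/AA", "/Launch", "/JavaScript", "/JS"}
WATCHED = AUTO_KEYS | {"/EmbeddedFile", "/Filespec"}
OFFICE_EXT = (".doc", ".docx", ".docm", ".xls", ".xlsx", ".xlsm", ".rtf")

def triage_pdf(data: bytes) -> dict:
    """Scan raw PDF bytes. Limitation: keys inside compressed object streams are not seen."""
    names = [decode_name(n) for n in re.findall(rb"/[^\s/<>\[\]()%{}]+", data)]
    keys = {k: names.count(k) for k in WATCHED if k in names}
    # File specification dictionaries carry the attachment name as /F (...) or /UF (...).
    files = [f.decode("latin-1") for f in re.findall(rb"/U?F\s*\(([^)]*)\)", data)]
    office = [f for f in files if f.lower().endswith(OFFICE_EXT)]
    embeds = "/EmbeddedFile" in keys
    auto = any(k in keys for k in AUTO_KEYS)
    if embeds and office and auto:
        risk = "high"      # embedded Office file plus an automatic action
    elif embeds:
        risk = "medium"    # attachment present, nothing else flagged
    else:
        risk = "low"
    return {"risk": risk, "keys": keys, "office_attachments": office}

# Constructed sample: a harmless PDF skeleton with the structural markers only.
SAMPLE = (
    b"%PDF-1.7\n"
    b"1 0 obj << /Type /Catalog /OpenAction 4 0 R /Names << /EmbeddedFiles 2 0 R >> >> endobj\n"
    b"3 0 obj << /Type /Filespec /F (attachment.docx) /EF << /F 5 0 R >> >> endobj\n"
    b"5 0 obj << /Type /Embedded#46ile /Length 0 >> stream\nendstream endobj\n"
    b"4 0 obj << /S /JavaScript /JS (placeholder) >> endobj\n"
)

if __name__ == "__main__":
    print(triage_pdf(SAMPLE))
```

A "high" result is a reason to detonate the file in a sandbox or strip the attachment at the mail gateway, not proof of malice; legitimate PDFs also embed files.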

"<u>HTML smuggling</u>," as the name suggests, enables an attacker to "smuggle" an encoded malicious script within a specially crafted HTML attachment or web page. When a target user opens it in their web browser, the browser decodes the malicious script, which in turn assembles the payload on the host device. This has made most people worry about their devices and accounts as technology advances. The opposite holds for the hackers, who happily work against the hosts.
