Hackers are now targeting Windows driver flaw for malware | Tech Reader

Date:

Share:



As if there weren’t enough threats to your Windows computer already, here is another one to be careful with. Kaspersky reports that tens of thousands of compromised PCs are infected as cybercriminals advertise fake activators and cracks to lure in unsuspecting users for distinct software such as AutoCAD, JetBrains, and Foxit PDF Editor.

The malicious package named SteelFox has been quietly spreading since February 2023, but its distribution has exploded recently. The malware is dispersed using torrent trackers and forums, where it is used as a tool to activate authentic versions of the previously mentioned software.

The experts at Kaspersky warn that the malware mimics cryptocurrencies and steals sensitive financial and non-financial information from your devices. When you install the fake crack, a vulnerable driver called WinRingO.sys is added that restores CVE-2021-41285 and CVE-2020-14979, four- and three-year-old vulnerabilities that give hackers full access to your PC.

When hackers access these vulnerabilities, they insert XMRig, a program that steals computer resources to mine cryptocurrency, an attack known as cryptojacking. XMRig uses your electricity, PC power, and the internet to mine Monero and other cryptocurrencies, making your PC useless. An info stealer is also inserted to retrieve data from 13 web browsers, including browsing history, credit card info, session cookies, network data, and system information. A Remote Desktop Protocol (RDP) connection is also established.

The report also mentioned a malicious post that included complete instructions on how to launch the software illegally. Further, Kaspersky says that “the execution chain looks legitimate until the moment the files are unpacked.” The damaging software is inserted in the process and adds the machine code that launches Steelfox.

Kaspersky also says it has blocked 11,000 attacks thus far, but the number can easily be much higher. Affected users are worldwide, including in countries such as Mexico, Brazil, Russia, China, UAE, Algeria, Egypt, Vietnam, Sri Lanka, and India.

You can stay safe by only downloading software from legitimate sources, and having top-tier antivirus software such as Bitdefender is a great idea.








Source link

━ more like this

PUBG is getting a 5v5 top-down shooter spinoff in 2025 | Tech Reader

Krafton and PUBG Studios unveiled Project ARC today. It’s a spinoff of the popular game PlayerUnknown’s Battlegrounds, but trades in the third-person battle...

Best early Black Friday laptop deals 2024: Up to 39% off Acer, Apple, Dell | Tech Reader

Update 11/7/24: Black Friday is still a few weeks away, but we’ve started gathering offers for those who already want to buy a...

Best early Black Friday MacBook deals: MacBook Air M2 is 25% off | Tech Reader

Update 11/7/24: It’s still a few weeks before Black Friday hits, but you can already start your shopping for a MacBook with these...

Early Black Friday QLED TV deals: 30% off TCL, Vizio, Samsung | Tech Reader

Update 11/7/24: Black Friday isn’t happening any time soon, but if you’re itching to get some shopping done to upgrade your home theater...

Google’s Vids AI video maker is rolling out to most Workspace tiers

We’re in a new age of AI now. Google has an AI video maker available on select Workspace editions. runs on Google’s AI...
spot_img