Windows PCs targeted by new malware hitting a vulnerable driver
techradar.com
- Security researchers observed a new threat campaign dubbed SteelFox
- It uses fake activators and cracks to deploy a vulnerable driver, an infostealer, and a cryptominer
- The victims are found all over the world, from Brazil to China
Hackers are targeting Windows systems with malware that mines cryptocurrencies and steals sensitive information from the devices, experts have warned.
In a new report, Kaspersky claims to have already spotted tens of thousands of infected endpoints, as cybercriminals have started advertising fake cracks and activators for commercial software such as Foxit PDF Editor, JetBrains, or AutoCAD.
The fake cracks come with a vulnerable driver called WinRing0.sys. By adding this driver to the system, the victim reintroduces CVE-2020-14979 and CVE-2021-41285, three- and four-year-old vulnerabilities that grant the attackers the highest possible privileges.
SteelFox
Through these vulnerabilities, the crooks are able to drop XMRig, one of the most popular cryptojackers ...