SolarMarker malware puts users at risk

The malware distributed in this campaign is SolarMarker (also known as Jupyter, Polazert and Yellow Cockatoo), a .NET RAT that runs in memory and is used by the attackers to drop additional payloads on infected devices.

SolarMarker is designed to give its operators a backdoor into compromised systems and to steal credentials from web browsers.

The data it collects from infected systems is exfiltrated to a command-and-control (C2) server. For persistence, it also drops files into the Startup folder and modifies shortcuts on the victim's computer.
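As an added example (not code from the article or from the vendor reports it cites), the following Python triages the shortcuts in the Windows Startup folders for the kind of tampering just described. It contains a minimal parser for the Shell Link (.lnk) format that recovers the local target path and the command-line arguments, and a heuristic scorer. The scoring rules, the suspicious-string lists and the two sample shortcuts it constructs are assumptions made for illustration, not indicators taken from the campaign; `scan_live_startup_folders` reads the real folders when run on a Windows host.

```python
"""Minimal Shell Link (.lnk) parser plus a triage heuristic for Startup-folder
shortcuts. Added example, not code from the article or any vendor report it
cites; the scoring rules and the sample shortcuts below are assumptions."""
import os
import struct
from pathlib import Path

# Shell Link header constants from the MS-SHLLINK format.
LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")  # {00021401-0000-0000-C000-000000000046}
HAS_LINK_TARGET_ID_LIST, HAS_LINK_INFO, HAS_ARGUMENTS, IS_UNICODE = 0x01, 0x02, 0x20, 0x80
STRING_FIELDS = (("name", 0x04), ("relative_path", 0x08), ("working_dir", 0x10),
                 ("arguments", 0x20), ("icon_location", 0x40))  # StringData order in the file


def parse_lnk(data):
    """Return the local target path (from LinkInfo) and any StringData fields present."""
    if len(data) < 0x4C or struct.unpack_from("<I", data)[0] != 0x4C or data[4:20] != LNK_CLSID:
        raise ValueError("not a Shell Link header")
    flags = struct.unpack_from("<I", data, 20)[0]
    pos = 0x4C
    if flags & HAS_LINK_TARGET_ID_LIST:            # skip the IDList entirely
        pos += 2 + struct.unpack_from("<H", data, pos)[0]
    target = None
    if flags & HAS_LINK_INFO:
        info_size, _hdr, info_flags, _vol, base_off, _net, _suf = struct.unpack_from("<7I", data, pos)
        if info_flags & 0x1:                        # VolumeIDAndLocalBasePath present
            start = pos + base_off
            target = data[start:data.index(b"\x00", start)].decode("latin-1")  # ANSI path
        pos += info_size
    parsed = {"target": target}
    unicode = bool(flags & IS_UNICODE)
    for name, bit in STRING_FIELDS:
        if flags & bit:
            count = struct.unpack_from("<H", data, pos)[0]
            pos += 2
            size = count * 2 if unicode else count
            parsed[name] = data[pos:pos + size].decode("utf-16-le" if unicode else "latin-1")
            pos += size
    return parsed                                   # trailing ExtraData blocks are ignored


def build_lnk(target_path, arguments=None):
    """Emit a spec-shaped .lnk with a LinkInfo local path; used only to construct samples."""
    flags = HAS_LINK_INFO | IS_UNICODE | (HAS_ARGUMENTS if arguments is not None else 0)
    header = struct.pack("<I16sI", 0x4C, LNK_CLSID, flags).ljust(0x4C, b"\x00")
    volume_id = struct.pack("<4I", 0x11, 3, 0, 0x10) + b"\x00"   # DRIVE_FIXED, empty label
    base_path = target_path.encode("latin-1") + b"\x00"
    vol_off = 0x1C                                                # LinkInfoHeaderSize
    base_off = vol_off + len(volume_id)
    suffix_off = base_off + len(base_path)
    info_size = suffix_off + 1                                    # empty CommonPathSuffix
    link_info = struct.pack("<7I", info_size, 0x1C, 0x1, vol_off, base_off, 0, suffix_off)
    blob = header + link_info + volume_id + base_path + b"\x00"
    if arguments is not None:
        blob += struct.pack("<H", len(arguments)) + arguments.encode("utf-16-le")
    return blob


USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\programdata\\", "\\users\\public\\", "\\downloads\\")
RULES = (  # (field, substrings, reason); heuristics are assumptions, tune them locally
    ("target", ("powershell", "pwsh", "cmd.exe", "wscript", "cscript", "mshta", "rundll32"),
     "target is a script host / LOLBin"),
    ("target", USER_WRITABLE, "target lives in a user-writable directory"),
    ("arguments", USER_WRITABLE, "arguments reference a user-writable directory"),
    ("arguments", ("-enc", "hidden", "bypass", "downloadstring", "iex"),
     "arguments look like a hidden or encoded script launch"),
)


def assess_shortcut(parsed):
    """List of reasons a parsed shortcut deserves a look (empty for a clean one)."""
    return [why for field, needles, why in RULES
            if any(n in (parsed.get(field) or "").lower() for n in needles)]


def scan_shortcut_blobs(blobs):
    """blobs: {name: lnk_bytes} -> {name: reasons} for every shortcut worth triage."""
    findings = {}
    for name, data in blobs.items():
        try:
            reasons = assess_shortcut(parse_lnk(data))
        except ValueError as err:
            reasons = ["unparseable shortcut: %s" % err]
        if reasons:
            findings[name] = reasons
    return findings


def scan_live_startup_folders():
    """On a Windows host, read the per-user and all-users Startup folders."""
    blobs = {}
    for env, sub in (("APPDATA", "Microsoft/Windows/Start Menu/Programs/Startup"),
                     ("PROGRAMDATA", "Microsoft/Windows/Start Menu/Programs/StartUp")):
        root = os.environ.get(env)
        folder = Path(root) / sub if root else None
        if folder and folder.is_dir():
            for lnk in folder.glob("*.lnk"):
                blobs[str(lnk)] = lnk.read_bytes()
    return scan_shortcut_blobs(blobs)


# Constructed samples (not real artifacts): a normal app shortcut and a tampered one.
SAMPLE_SHORTCUTS = {
    "Vendor App.lnk": build_lnk(r"C:\Program Files\Vendor\App.exe"),
    "Invoice Template.lnk": build_lnk(
        r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
        r"-w hidden -ep bypass -f C:\Users\victim\AppData\Roaming\loader.ps1"),
}

if __name__ == "__main__":
    for name, reasons in scan_shortcut_blobs(SAMPLE_SHORTCUTS).items():
        print(name, "->", "; ".join(reasons))
```

The parser only follows the LinkInfo local base path; a shortcut that carries its target solely in the IDList (shell items) comes back with `target` set to `None`, which is itself worth a look in a Startup folder. Compare the results against a known-good inventory of the machine rather than treating every hit as malicious.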

In April, eSentire researchers found that the threat actors behind SolarMarker had flooded search results with more than 100,000 web pages claiming to offer free office forms (invoices, questionnaires, receipts and resumes, for example).

These pages instead act as traps for business users looking for document templates, who are unwittingly infected with the SolarMarker RAT through drive-by downloads, with search traffic redirected via pages on Shopify and Google Sites.

In more recent attacks discovered by Microsoft, the attackers switched to keyword-stuffed documents hosted on AWS and Strikingly. They are currently also targeting other sectors, including finance and education.

"Users use thousands of keyword-stuffed PDF documents and SEO links that redirect to malware. The attack works using PDF documents designed to rank in search results. To achieve this, the attackers stuffed more than 10 pages of keywords on a variety of topics into these documents, ranging from 'insurance form', 'contract approval' and 'how to enter SQL' to 'math answer'."


When victims find one of the malicious PDFs and open it, they are prompted to download another PDF or DOC file said to contain the information they are looking for. Instead of receiving that information, they are redirected through multiple sites on the .site, .tk and .ga TLDs to a Google Drive look-alike site that serves the SolarMarker malware.
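The redirect chain described above is easy to pick out of proxy logs once the hops are stitched together per client. The following Python is an added example, not code from the article: it reconstructs chains of 3xx responses from constructed proxy log lines in a simplified whitespace-separated format (timestamp, client, method, URL, status, content type) and scores each chain. The sample hosts, the TLD watch list, the look-alike test and the flagging rule are this example's own assumptions rather than indicators from the campaign.

```python
"""Reconstruct and score HTTP redirect chains ending at a Drive look-alike.
Added example, not code from the article; the log format, sample hosts, TLD
watch list and flagging rule are this example's own assumptions."""
from collections import defaultdict
from urllib.parse import urlsplit

WATCH_TLDS = {"site", "tk", "ga", "ml", "cf", "gq"}   # the three named TLDs plus siblings (assumption)
LEGIT_SUFFIXES = ("google.com", "googleusercontent.com", "googleapis.com")
PAYLOAD_EXTENSIONS = (".exe", ".msi", ".zip", ".js", ".scr")

# Constructed proxy log (not real traffic): "timestamp client method url status content-type".
SAMPLE_LOG = """\
2021-06-11T10:02:14Z 10.0.0.12 GET https://example-forms.s3.amazonaws.com/invoice-template.pdf 200 application/pdf
2021-06-11T10:02:40Z 10.0.0.12 GET https://free-templates.site/download?id=1 302 -
2021-06-11T10:02:41Z 10.0.0.12 GET https://docs-portal.tk/go 302 -
2021-06-11T10:02:41Z 10.0.0.12 GET https://drive-share.ga/file 302 -
2021-06-11T10:02:42Z 10.0.0.12 GET https://google-drive-docs.xyz/download/invoice-template.exe 200 application/octet-stream
2021-06-11T10:05:00Z 10.0.0.33 GET https://www.example.com/ 302 -
2021-06-11T10:05:01Z 10.0.0.33 GET https://example.com/home 200 text/html
2021-06-11T10:06:10Z 10.0.0.33 GET https://drive.google.com/file/d/abc/view 200 text/html
"""


def parse_line(line):
    ts, client, method, url, status, ctype = line.split()
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    return {"ts": ts, "client": client, "method": method, "url": url, "host": host,
            "tld": host.rsplit(".", 1)[-1], "path": parts.path, "status": int(status), "ctype": ctype}


def extract_chains(lines):
    """Per client, a chain is a run of 3xx responses plus the first non-3xx that follows it."""
    by_client = defaultdict(list)
    for line in lines:
        if line.strip():
            ev = parse_line(line)
            by_client[ev["client"]].append(ev)
    chains = []
    for events in by_client.values():
        events.sort(key=lambda e: e["ts"])          # stable sort keeps same-second order
        current = []
        for ev in events:
            if 300 <= ev["status"] < 400:
                current.append(ev)
            elif current:
                chains.append(current + [ev])
                current = []
        if current:                                 # chain cut off at end of log
            chains.append(current)
    return chains


def is_legit_google(host):
    return any(host == s or host.endswith("." + s) for s in LEGIT_SUFFIXES)


def score_chain(chain):
    final = chain[-1]
    lookalike = ("drive" in final["host"] or "docs" in final["host"]) and not is_legit_google(final["host"])
    payload = (final["path"].lower().endswith(PAYLOAD_EXTENSIONS)
               or final["ctype"] == "application/octet-stream")
    watch_hops = sum(1 for ev in chain if ev["tld"] in WATCH_TLDS)
    return {"client": final["client"], "hops": [ev["host"] for ev in chain],
            "watch_tld_hops": watch_hops, "final_host": final["host"],
            "lookalike": lookalike, "payload_download": payload,
            "flagged": watch_hops >= 2 and (lookalike or payload)}   # threshold is an assumption


def find_suspicious_chains(lines):
    return [s for s in map(score_chain, extract_chains(lines)) if s["flagged"]]


if __name__ == "__main__":
    for hit in find_suspicious_chains(SAMPLE_LOG.splitlines()):
        print(hit["client"], " -> ".join(hit["hops"]), "payload" if hit["payload_download"] else "")
```

Chains stitched only from 3xx responses miss hops done with meta-refresh or JavaScript; when the proxy logs the Referer header, join consecutive requests on it as well, and add the preceding PDF fetch from a cloud-hosting domain to the chain as the lure that started it.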

Morphisec researchers found that many of the malware's C2 servers are located in Russia, although a number of them are no longer operational.

"TRU has not seen a target after the SolarMarker infiltration, but suspects any possibility, including ransomware, credential theft, fraud, or use as a foothold in the victim's network for espionage or intrusion," eSentire's Threat Response Unit (TRU) added.
