Hackers Use Trojanized Windows 10 Installer To Attack Against Government Entities

17 December 2022

Mandiant recently identified that in a targeted attack on Ukrainian government entities, trojanized ISO files were used by threat actors to cloak malicious programs posing as legitimate Windows 10 installers for the first step in compromising their networks. Malicious installers are delivering malware that could perform a wide range of malicious activities, including:- Monitoring compromised computers for the purpose of collecting data The deployment of additional malicious tools Data exfiltration to servers controlled by attackers Trojanized Windows 10 Installer An ISO that was part of the campaign was hosted on the Ukrainian torrent tracker “toloka[.]to” has been found to be created in May 2022 by a user that is delivered in this campaign.

Read full article on GBHackers

Date:

17 December 2022

Categorie(s):

NEWS

Tag(s):

Cyber Attack, Cyber Threats, Entities, Hacking, Installer

Finnish online banking accounts subjected to Android malware attacks6 May 2024
New LockBit details to be divulged in reborn extortion site6 May 2024
Czechia, Germany targeted by long-term APT28 cyberespionage campaign6 May 2024
China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices6 May 2024
What Palo Alto Networks and CrowdStrike Teach us About Using a Mobile Defense Platform6 May 2024