New XWorm malware attacks involve Follina flaw exploitation

Ongoing phishing attacks have been distributing the XWorm malware through a novel attack chain that combines exploitation of the Follina vulnerability, tracked as CVE-2022-30190, with meme-filled PowerShell code, according to The Hacker News. The campaign, which has been attributed to the MEME#4CHAN activity cluster, uses Microsoft Word files that exploit CVE-2022-30190 to deploy an obfuscated PowerShell script. That script is then used to evade anti-malware and Microsoft Defender scans and to deploy the .NET binary containing XWorm, a report from Securonix showed.

Read full article on SC Magazine

 

