Novel infostealer spread via Windows Defender SmartScreen flaw

Attacks leveraging an already patched Windows Defender SmartScreen bypass flaw, tracked as CVE-2023-36025, have been launched to facilitate the distribution of the novel Phemedrone Stealer malware, according to The Register. Numerous Chromium-based browsers and apps, including Google Authenticator, Microsoft Authenticator, LastPass, NordPass, KeePass, and Duo Mobile, have been targeted by Phemedrone for exfiltration of geolocation information, operating system details, and other telemetry, a report from Trend Micro revealed.

Source: SC Magazine

 


Date:

Categorie(s):