
Malvertising Alert: Deceptive Windows News Portal Exploited in Latest Cybersecurity Threat

A newly discovered malvertising campaign uses fake Windows news portals to distribute malicious installers. The campaign relies on deceptive tactics, in particular mimicking popular sites like WindowsReport[.]com.


Unveiling the Malicious Scheme


The malicious campaign centers around a fake Windows news portal that impersonates legitimate sites to distribute a malicious installer for CPU-Z, a widely used system profiling tool. Cybersecurity researchers, including Jérôme Segura from Malwarebytes, have identified a larger pattern targeting utilities like Notepad++, Citrix, and VNC Viewer.


Cloaked Deception


The attackers deploy a sophisticated cloaking technique: visitors who are not intended victims are shown an innocuous blog. The intended victims are unsuspecting users who search for CPU-Z on search engines; they are redirected to the deceptive portal (workspace-app[.]online).


Behind the Scenes: Malicious Payload


The rogue website hosts a signed MSI installer containing a malicious PowerShell script, specifically the FakeBat loader (aka EugenLoader). This loader serves as a conduit to deploy RedLine Stealer on compromised hosts, highlighting the sophistication of the threat.
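For defenders, one way to surface this pattern is to look for PowerShell processes that descend from an MSI installation. The following is an added example, not code from the article or from the researchers it cites; it assumes Sysmon-style process-creation fields (ProcessGuid, ParentProcessGuid, Image, CommandLine), assumes the embedded script runs as a descendant of msiexec.exe, and uses constructed sample events.

```python
import json
from ntpath import basename  # parses Windows paths on any OS

SHELLS = {"powershell.exe", "pwsh.exe"}
INSTALLER = "msiexec.exe"

# Constructed process-creation records (one JSON object per line); not real telemetry.
SAMPLE_LOG = r"""
{"ProcessGuid":"g1","ParentProcessGuid":"g0","Image":"C:\\Windows\\System32\\msiexec.exe","CommandLine":"msiexec.exe /i C:\\Users\\alice\\Downloads\\installer.msi"}
{"ProcessGuid":"g2","ParentProcessGuid":"g1","Image":"C:\\Windows\\System32\\cmd.exe","CommandLine":"cmd.exe /c run.cmd"}
{"ProcessGuid":"g3","ParentProcessGuid":"g2","Image":"C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\PowerShell.EXE","CommandLine":"powershell.exe -File step.ps1"}
{"ProcessGuid":"g4","ParentProcessGuid":"g9","Image":"C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe","CommandLine":"powershell.exe Get-Date"}
{"ProcessGuid":"g9","ParentProcessGuid":"g8","Image":"C:\\Windows\\explorer.exe","CommandLine":"explorer.exe"}
"""

def parse_events(text):
    """Index process-creation events by ProcessGuid."""
    events = [json.loads(line) for line in text.splitlines() if line.strip()]
    return {e["ProcessGuid"]: e for e in events}

def image_name(event):
    """Lower-cased executable name, so PowerShell.EXE matches powershell.exe."""
    return basename(event["Image"]).lower()

def installer_ancestor(event, by_guid, max_depth=8):
    """Return the msiexec ancestor of `event`, or None. The walk is
    depth-limited so a GUID cycle cannot loop forever; a missing parent ends it."""
    guid = event["ParentProcessGuid"]
    for _ in range(max_depth):
        parent = by_guid.get(guid)
        if parent is None:
            return None
        if image_name(parent) == INSTALLER:
            return parent
        guid = parent["ParentProcessGuid"]
    return None

def find_msi_spawned_shells(text):
    """List (shell command line, installer command line) pairs to triage."""
    by_guid = parse_events(text)
    hits = []
    for event in by_guid.values():
        if image_name(event) in SHELLS:
            installer = installer_ancestor(event, by_guid)
            if installer:
                hits.append((event["CommandLine"], installer["CommandLine"]))
    return hits

if __name__ == "__main__":
    for shell_cmd, msi_cmd in find_msi_spawned_shells(SAMPLE_LOG):
        print(f"ALERT: {shell_cmd!r} descends from {msi_cmd!r}")
```

Legitimate installers also run PowerShell custom actions, so hits are triage leads to review alongside the MSI's download source and signer rather than verdicts.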


Ongoing Trends in Cyber Threats


This incident follows a trend where cybercriminals exploit deceptive Google Ads for popular software to distribute malware. Last week, eSentire disclosed details of the Nitrogen campaign, revealing a growing reliance on adversary-in-the-middle (AiTM) phishing kits and drive-by download methods.


Wiki-Slack Attack Emerges


Adding to the complexity, a new method dubbed the Wiki-Slack attack has been identified. This user-direction attack leverages a quirk in Slack to lead victims to attacker-controlled websites by manipulating Wikipedia article previews shared on Slack.


Cybersecurity Vigilance Required


As threat actors continuously evolve their tactics, cybersecurity experts emphasize the need for heightened vigilance. The community is urged to stay informed, implement robust security measures, and remain cautious while navigating online platforms.
