看到OS更新畫面請確認真假,駭客組織Mad Liberator藉此隱匿資料竊取行為
支付動態 · 2024-08-20
掩蓋竊取電腦資料的攻擊行動出現新的手法,有研究人員發現,勒索軟體駭客組織Mad Liberator假借視窗作業系統更新的名義,並讓使用者無法使用鍵盤和滑鼠,然後再竊取受害電腦的特定資料
一旦成功建立連線,攻擊者就會傳送名為Microsoft Windows Update的執行檔並開啟。而這個程式的作用,就是模仿作業系統更新的畫面,讓使用者誤以為電腦正在安裝更新程式。研究人員指出,由於這支程式不會執行其他惡意行為,大部分的防毒軟體並未視為有害。
為了避免使用者按下Esc鍵讓程式停止運作拆穿計謀,這些駭客濫用AnyDesk的功能,停用用戶端的鍵盤及滑鼠。
正當用戶以為電腦在執行系統更新作業的時候,駭客透過AnyDesk進行遠端存取,先是存取受害者的OneDrive帳號、網路共享資料夾,然後藉由AnyDesk的檔案傳輸功能將偷到的資料外流,並留下勒索訊息。接著,駭客利用Advanced IP Scanner試圖尋找其他下手目標。
這起攻擊行動持續了接近4個小時,攻擊者最終切斷AnyDesk連線,並留下作案的檔案,但並未使用工作排程或其他自動化的方式再度啟動。對此,研究人員呼籲,企業應管制AnyDesk存取控制名單,僅允許來自指定設備的連線,避免遭遇類似的攻擊。
熱門文章
Are you ready to maximize your earnings? Try ProPush.me Constructor!
Marketing
Across 6 Cities: HUIDU Invites You to 8 World Cup Parties Redefining High-Value Social Networking
HUIDU Focus
GAT CDMX 2025 Institutional Academy: Leaders and Experts Analyze the Present and Future of the Gaming Industry in Mexico and Lat
Sports Game
Institutional Academy that exceeded expectations marked the opening of GAT CDMX
Online Game
Vietnam's tightening online gaming policy creates new market opportunities
Southeast Asia
B2B Tech Infrastructure Gains Momentum in Philippine Gaming Sector
Southeast Asia
British gambling levy rates confirmed for each vertical
Regulation
Kazakhstan plans to penalise online casino promotions
Regulation
Gaming & Technology Expo Makes a Powerful Entrance in CDMX
Marketing
1spin4win releases unique slot Don Catleone Hold and Win featuring gangster cats
Online Game
PropellerAds Shared a New iGaming Case Study: 97,674 Installs and 12,701 Deposits in 3 Months
Marketing
UK MPs reopen 2025 gambling inquiry as reform stalls
Regulation
GAT Expo Puerto Rico Will Pulse with the New Era of Gaming in the Caribbean
Marketing
Vietnam’s Controlled Gaming Shift Gains Ground, But Domestic Demand Still Lags
Southeast Asia
Full House at GAT Expo Cartagena 2026 Academic Agenda
Online Game
