Attackers Use a Security Vendor's SSL VPN Software as Bait to Spread a Fake Program to Middle East Organizations
Payment News · 2024-09-03

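Researchers found that someone is offering what is claimed to be GlobalProtect, the SSL VPN application from Palo Alto Networks, apparently with the intent of planting malware on victims' computers and then gaining further access to the corporate internal network.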

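During execution, the malware checks whether the victim's computer is a sandbox environment and then sends system information back to the C2. It can receive and execute PowerShell scripts from the attacker, spawn processes, and upload or download files. To evade detection, the commands and information exchanged in the attackers' communications are all processed with the AES algorithm.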

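Notably, the beacon functionality the attackers added to the malware is derived from Interactsh, a tool that security personnel use to verify vulnerability exploitation during penetration testing, which may reduce the chance of the activity being regarded as anomalous. In addition, the hackers use the domain name sharjahconnect, which contains the name of Sharjah, a major city in the United Arab Emirates, making targeted users more likely to be fooled.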
