2/14/2024

Malwarefox reddit

A malware that has historically targeted exposed Windows machines through phishing and exploit kits has been retooled to add new “worm” capabilities.

Purple Fox, which first appeared in 2018, is an active malware campaign that until recently required user interaction or some kind of third-party tool to infect Windows machines. However, the attackers behind the campaign have now upped their game and added new functionality that can brute force its way into victims’ systems on its own, according to new Tuesday research from Guardicore Labs.

“Guardicore Labs have identified a new infection vector of this malware where internet-facing Windows machines are being breached through SMB password brute force,” Guardicore Labs’ Amit Serper said.

In addition to these new worm capabilities, Purple Fox malware now also includes a rootkit that allows the threat actors to hide the malware on the machine and make it difficult to detect and remove, he said.

Researchers analyzed Purple Fox’s latest activity and found two significant changes to how attackers are propagating malware on Windows machines. The first is that the new worm payload executes after a victim machine is compromised through a vulnerable exposed service (such as SMB).

Purple Fox also is using a previous tactic to infect machines with malware through a phishing campaign, sending the payload via email to exploit a browser vulnerability, researchers observed.