Subj : This dangerous new malware is hitting Windows devices by hiding i
To : All
From : TechnologyDaily
Date : Thu Nov 07 2024 15:30:04

This dangerous new malware is hitting Windows devices by hiding in games

Date: Thu, 07 Nov 2024 15:25:10 +0000

Description: Some performance boosters and optimizers are hiding a terrible secret - a very powerful malicious framework.

FULL STORY
======================================================================

Security researchers spot new malware framework called Winos4.0
It is capable of monitoring the clipboard, gathering system information, and more
The attackers seem to be targeting the educational sector

Experts have detected a new malicious software framework targeting Windows users by hiding in games and game-related software.

A report from cybersecurity researchers FortiGuard Labs, which named the framework Winos4.0, claims hackers have been advertising different installation tools, performance boosters, optimizers, and similar fake software that actually infects the targets with Winos4.0, an advanced version of Gh0strat.

Winos4.0 is capable of monitoring the clipboard, gathering system information, checking for antivirus software, grabbing information from cryptocurrency wallet extensions, and more.

Winos4.0 attacks

Usually, software frameworks such as this one are capable of causing plenty of damage. Compared to simple malware, a framework provides an environment for deploying, managing, and controlling different malware tools and modules, as part of a coordinated attack. Frameworks are modular and allow attackers to tailor and control attacks based on their objectives and responses from target systems.

When it comes to the campaign's success and potential victims, FortiGuard Labs does not go into much detail, other than that the victims were most likely in the education industry:

"Analysis of the decoded DLL file reveals a potential targeting of the education sector, as indicated by its file description, (Campus Administration)," the researchers said at one point in the report. In another, they described a DLL file named , meaning "Student Registration System" - another piece of evidence suggesting that the attackers could be targeting educational organizations.

"Winos4.0 is a powerful framework, similar to Cobalt Strike and Sliver, that can support multiple functions and easily control compromised systems. Threat campaigns leverage Game-related applications to lure a victim to download and execute the malware without caution and successfully deploy deep control of the system," the researchers warned. "The entire attack chain involves multiple encrypted data and lots of C2 communication to complete the injection. Users should be aware of any new application's source and only download the software from qualified sources."

Via Infosecurity Magazine

======================================================================
Link to news story:
https://www.techradar.com/pro/security/this-dangerous-new-malware-is-hitting-windows-devices-by-hiding-in-games

--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)