“We came across one particular post on Twitter that advertises “Facebook Secrets,” along with a shortened link. Clicking the link leads the user to a site that automatically downloads an .EXE file into the user’s system.
This downloaded file, download-video.exe, is actually a downloader malware, which we detect as TROJ_DLOADE.DND. This starts a chain of downloaded and dropped files into the system. In order to avoid suspicion, these files use legitimate-sounding file names like flash.exe.” states a post post.
“The site is written in Turkish and phrases such as ‘bitter words,’ ‘heavy lyrics,’ ‘meaningful lyrics,’ ‘love messages,’ and ‘love lyrics’ appear on the page. This routine could be a part of a click fraud or redirection scheme,” states TrendMicro.
The MITRE Corporation revealed that a nation-state actor compromised its systems in January 2024 by…
China-linked threat actors are preparing cyber attacks against U.S. critical infrastructure warned FBI Director Christopher…
The United Nations Development Programme (UNDP) has initiated an investigation into an alleged ransomware attack…
BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large…
An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost.…
Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since…
This website uses cookies.