Windows cryptomining attacks target graphic designer's high-powered GPUs
Security News, September 2023
Cybercriminals are leveraging a legitimate Windows tool called 'Advanced Installer' to infect the computers of graphic designers with cryptocurrency miners.
The attackers promote installers for popular 3D modeling and graphic design software such as Adobe Illustrator, Autodesk 3ds Max, and SketchUp Pro, likely through black hat search engine optimization techniques.
These installers include hidden malicious scripts that infect the computers of those who download them with remote access trojans and cryptomining payloads.
Cisco's analysts have observed two distinct attacks used in this campaign.
The two attack methods differ in the scripts executed, the complexity of the infection chain, and the final payloads dropped on the target device.
The first method, which delivers a backdoor payload, could be chosen by the attackers in cases where maintaining discreet, prolonged access to target systems is the primary goal.