Security News > 2024 > June > Hackers Exploit Legitimate Websites to Deliver BadSpace Windows Backdoor
2024-06-17 06:28
Legitimate-but-compromised websites are being used as a conduit to deliver a Windows backdoor dubbed BadSpace under the guise of fake browser updates. "The threat actor employs a multi-stage attack chain involving an infected website, a command-and-control (C2) server, in some cases a fake browser update, and a JScript downloader to deploy a backdoor into the victim's system," German
News URL
https://thehackernews.com/2024/06/hackers-exploit-legitimate-websites-to.html
Related news
- Iranian hackers now exploit Windows flaw to elevate privileges (source)
- US offers $2.5 million reward for hacker linked to Angler Exploit Kit (source)
- Russian APT29 hackers use iOS, Chrome exploits created by spyware vendors (source)
- Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs (source)
- Russian Hackers Exploit Safari and Chrome Flaws in High-Profile Cyberattack (source)
- North Korean hackers exploit Chrome zero-day to deploy rootkit (source)
- North Korean Hackers Deploy FudModule Rootkit via Chrome Zero-Day Exploit (source)
- Week in review: SonicWall critical firewalls flaw fixed, APT exploits WPS Office for Windows RCE (source)
- GeoServer Vulnerability Targeted by Hackers to Deliver Backdoors and Botnet Malware (source)
- Chinese Hackers Exploit Visual Studio Code in Southeast Asian Cyberattacks (source)