"DarkGate Malware Exploits Windows SmartScreen Flaw in Zero-Day Attack"

March 13, 2024 at 09:26 PM

•

1 min read

"DarkGate Malware Exploits Windows SmartScreen Flaw in Zero-Day Attack" — Photo: BleepingComputer

TL;DR Summary

DarkGate malware operators are exploiting a now-fixed Windows Defender SmartScreen vulnerability to automatically install fake software installers and drop their malware onto targeted systems. The flaw, tracked as CVE-2024-21412, allows specially crafted downloaded files to bypass security warnings. The attack involves a complex and multi-step infection chain, utilizing malicious emails, open redirects, Windows shortcuts, and MSI files masquerading as legitimate software. Trend Micro has detailed the DarkGate infection chain and published indicators of compromise (IoCs) for this campaign, urging users to apply Microsoft's February 2024 Patch Tuesday update to mitigate the risk.

Topics:technology #cybersecurity #darkgate #malware #trend-micro #vulnerability #windows-smartscreen

Share this article

Hackers exploit Windows SmartScreen flaw to drop DarkGate malware BleepingComputer
DarkGate Malware Exploited Recently Patched Microsoft Flaw in Zero-Day Attack The Hacker News
Recent DarkGate campaign exploited Microsoft Windows zero-day Security Affairs
DarkGate malware spread via Windows SmartScreen bug abuse SC Media
DarkGate Exploit Targets Full Control Of Unpatched Windows PCs So Update ASAP Hot Hardware

Reading Insights

Total Reads

Unique Readers

Time Saved

2 min

vs 3 min read

Condensed

82%

508 → 92 words

Want the full story? Read the original article

Read on BleepingComputer

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights