"New Windows Malware Bypasses Defender to Steal Crypto: How to Protect Your PC"

TL;DR Summary
Threat actors are exploiting a patched security flaw in Microsoft Windows, CVE-2023-36025, to deploy Phemedrone Stealer, an open-source information stealer that targets web browsers, cryptocurrency wallets, and messaging apps. The flaw lets attackers bypass Windows Defender SmartScreen by tricking users into clicking malicious Internet Shortcut files, which leads to the execution of a control panel file that ultimately downloads and executes the stealer. Although the flaw has been patched, threat actors continue to find ways to exploit it and evade protections, highlighting the need for ongoing vigilance in cybersecurity.
Topics: technology, cryptocurrency, cve-2023-36025, cybersecurity, phemedrone-stealer, threat-actors, windows-security
- Hackers Weaponize Windows Flaw to Deploy Crypto-Siphoning Phemedrone Stealer (The Hacker News)
- Windows PCs targeted by dangerous new threat that even gets around Defender - and even though there's a fix, you could still be at risk (TechRadar)
- Windows SmartScreen flaw exploited to drop Phemedrone malware (BleepingComputer)
- Trend Micro reveals new malware targeting crypto wallets on Windows (crypto.news)
- This data-stealing Windows malware bypasses Defender, but protecting your PC is easy (Laptop Mag)