"Windows SmartScreen Vulnerability Exploited to Deliver Phemedrone Malware and Information Stealer"

TL;DR Summary
A new information-stealing malware called Phemedrone is exploiting a Microsoft Defender SmartScreen vulnerability (CVE-2023-36025) to bypass Windows security prompts and harvest data from web browsers, cryptocurrency wallets, and various software applications. The flaw, fixed in the November 2023 Patch Tuesday release, allows attackers to trick victims into opening malicious URL files, leading to the execution of a PowerShell loader and the theft of sensitive information. Trend Micro reports that Phemedrone targets a wide range of applications and data, and has published indicators of compromise for this campaign.
- Windows SmartScreen flaw exploited to drop Phemedrone malware (BleepingComputer)
- Windows PCs targeted by dangerous new threat that even gets around Defender - and even though there's a fix, you could still be at risk (TechRadar)
- Windows Defender SmartScreen Vulnerability Exploited with Phemedrone Stealer (HackRead)
- Information Stealer Exploits Windows SmartScreen Bypass (SecurityWeek)
- Windows SmartScreen bug exploited to deliver powerful info-stealer (CVE-2023-36025) (Help Net Security)