Microsoft details how financially motivated hackers targeted Windows users – Times of India

Microsoft has said that it has disabled the Windows App Installer protocol handler after multiple financially motivated hackers misused it to infect Windows machines with malware. The company explained how cybercriminals distributed the malicious software from mid-November 2023.
Microsoft also stated that this vulnerability could be exploited to distribute ransomware through packages served from websites that use malicious advertisements for legitimate popular software.
“Since mid-November 2023, Microsoft Threat Intelligence has observed threat actors, including financially motivated actors such as Storm-0569, Storm-1113, Sangria Tempest, and Storm-1674, using the ms-appinstaller URI scheme (App Installer),” the company said.
How did the attackers target users?
Microsoft says attackers exploited the vulnerability to bypass security measures that would otherwise protect Windows users from malware. These include the Defender SmartScreen anti-phishing and anti-malware component, as well as built-in browser alerts that warn users of executable file downloads.
In early December 2023, Microsoft observed that a hacking group distributed fake versions of software such as Zoom, Tableau, TeamViewer and AnyDesk through a method called search engine optimization (SEO) poisoning, essentially spoofing legitimate software downloads.
These fake downloads were offered to users who searched for a legitimate software application on Bing or Google. Spoofing or impersonation is a popular social engineering tactic to target users.
Users who clicked on links to these fake apps were presented with the desktop App Installer experience. If the user clicks “Install” in the desktop App Installer, the malicious application is installed and eventually runs additional processes and scripts that lead to malware installation.
How to protect yourself
Although Microsoft has already disabled the protocol that was exploited, users should always be vigilant about the platform that is offering the software to download. URLs should also be checked, and software names checked for spelling errors. Always download software from official websites.
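For defenders who want to check a web page for the kind of link described above, the following is an added example, not code from Microsoft or from the original article. It flags ms-appinstaller links in a page's HTML and reports where the package would be fetched from; the `?source=` layout follows Microsoft's documented URI format, while the sample HTML, host names and allow-list are constructed assumptions.

```python
import re
from html import unescape
from urllib.parse import parse_qs, urlsplit

# Constructed sample HTML for illustration; hosts and paths are made up.
SAMPLE_HTML = """
<a href="https://downloads.example.com/setup.exe">Direct download</a>
<a href="ms-appinstaller:?source=https://cdn.example.net/zoom/Zoom.msix">Install</a>
<a href="MS-AppInstaller:?source=https%3A%2F%2Fvendor.example.org%2Fapp.appinstaller">Install</a>
"""

# Hypothetical allow-list: hosts this organisation accepts packages from.
TRUSTED_HOSTS = frozenset({"vendor.example.org"})

HREF_RE = re.compile(r"""href\s*=\s*["']([^"']+)["']""", re.IGNORECASE)


def find_appinstaller_links(html, trusted_hosts=TRUSTED_HOSTS):
    """Return one finding per ms-appinstaller link found in the HTML."""
    findings = []
    for raw in HREF_RE.findall(html):
        parts = urlsplit(unescape(raw).strip())
        # urlsplit lower-cases the scheme, so mixed-case links still match.
        if parts.scheme != "ms-appinstaller":
            continue
        # The package location is carried in the "source" query parameter.
        source = parse_qs(parts.query).get("source", [""])[0]
        src = urlsplit(source)
        host = (src.hostname or "").lower()
        findings.append({
            "source": source,
            "host": host,
            "https": src.scheme == "https",
            "trusted": host in trusted_hosts,
        })
    return findings


if __name__ == "__main__":
    for f in find_appinstaller_links(SAMPLE_HTML):
        verdict = "allow-listed" if f["trusted"] and f["https"] else "REVIEW"
        print(f"{verdict:12} {f['host']:22} {f['source']}")
```

The same function can be run over saved pages or proxy-captured HTML; anything marked REVIEW is a link that would hand a package from an unlisted host to App Installer.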
