
The Cyber Security News


New RIG Exploit Kit Campaign Infecting Victims’ PCs with RedLine Stealer

April 28, 2022

A new campaign leveraging an exploit kit has been observed abusing an Internet Explorer flaw patched by Microsoft last year to deliver the RedLine Stealer trojan.

“When executed, RedLine Stealer performs recon against the target system (including username, hardware, browsers installed, anti-virus software) and then exfiltrates data (including passwords, saved credit cards, crypto wallets, VPN logins) to a remote command and control server,” Bitdefender said in a new report shared with The Hacker News.

Most of the infections are located in Brazil and Germany, followed by the U.S., Egypt, Canada, China, and Poland, among others.


Exploit kits or exploit packs are comprehensive tools that contain a collection of exploits designed to take advantage of vulnerabilities in commonly used software by scanning infected systems for different kinds of flaws and deploying additional malware.


The primary infection method used by attackers to distribute exploit kits, in this case the RIG Exploit Kit, is through compromised websites that, when visited, drop the exploit code to ultimately deliver the RedLine Stealer payload to carry out follow-on attacks.


The flaw in question is CVE-2021-26411 (CVSS score: 8.8), a memory corruption vulnerability impacting Internet Explorer that has been previously weaponized by North Korea-linked threat actors. It was addressed by Microsoft as part of its Patch Tuesday updates for March 2021.

“The RedLine Stealer sample delivered by RIG EK comes packed in a number of encryption layers […] to avoid detection,” the Romanian cybersecurity firm noted, with the unpacking of the malware progressing through as many as six stages.


RedLine Stealer, an information-stealing malware sold on underground forums, comes with features to exfiltrate passwords, cookies and credit card data saved in browsers, as well as crypto wallets, chat logs, VPN login credentials and text from files as per commands received from a remote server.

This is far from the only campaign that involves the distribution of RedLine Stealer. In February 2022, HP detailed a social engineering attack using fake Windows 11 upgrade installers to trick Windows 10 users into downloading and executing the malware.



Some pieces of this article are sourced from:
thehackernews.com
