An information-stealing malware called Amadey is being distributed by means of another backdoor called SmokeLoader.
The attacks hinge on tricking users into downloading SmokeLoader that masquerades as software cracks, paving the way for the deployment of Amadey, researchers from the AhnLab Security Emergency Response Center (ASEC) said in a report published last week.
Amadey, a botnet that first appeared around October 2018 on Russian underground forums for $600, is equipped to siphon credentials and capture screenshots, system metadata, and even information about antivirus engines and additional malware installed on an infected machine.
While an update spotted last July by Walmart Global Tech incorporated functionality for harvesting data from Mikrotik routers and Microsoft Outlook, the toolset has since been upgraded to capture information from FileZilla, Pidgin, Total Commander FTP Client, RealVNC, TightVNC, TigerVNC, and WinSCP.
Its main goal, however, is to deploy additional plugins and remote access trojans such as Remcos RAT and RedLine Stealer, further enabling the threat actor to conduct an array of post-exploitation activities.
Users are advised to upgrade their devices to the latest versions of the operating system and the web browser to minimize potential infection routes, and to steer clear of pirated software.
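A good warrior is not warlike; a good fighter is not angered; one who is good at defeating the enemy does not engage him; one who is good at employing people places himself below them.
-- Tao Te Ching, Chapter 68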
https://thehackernews.com/2022/07/smokeloader-infecting-targeted-systems.html