AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

Windows security alert: Phemedrome malware bypasses Microsoft Defender

Treacherous overtake: Phemedrome malware leaves Microsoft's defenses behind

A malware called Phemedrome is attacking Windows systems by exploiting a security flaw in Microsoft Defender SmartScreen to steal data.

This pill is also available in Italian language

Microsoft is faced with a new security vulnerability, caused by the malware called Phemedrome, capable of evading Windows defenses. This malicious software arrives just as the Redmond company was preparing to celebrate the launch of the mobile versions of the Copilot artificial intelligence. Phemedrome has launched a sneaky cyber attack that exploits a widely used flaw in the operating system.

Phemedrome attack methodology: a multipurpose trojan

The Phemedrome Trojan was designed to steal sensitive data such as passwords, cookies and access tokens, operating across browsers, messaging clients, gaming and cryptocurrency platforms. The malware has the ability to capture screenshots and collect accurate metadata, including users' geographic location information. The stolen data is then directed to attackers for further abuse or for sale in dark areas of the network.

Exploit of a critical vulnerability in Microsoft Defender SmartScreen

According to certain sources, Phemedrome manages to exploit a vulnerability (CVE-2023-36025) in Microsoft Defender SmartScreen, which does not detect malicious URL files. Despite a patch update released by Microsoft, the vulnerability was actively exploited, resulting in significant impacts on user security.

Malware and ransomware target Microsoft's SmartScreen flaw

Trend Micro research reveals that Phemedrome is not the only malware that targeted the breach in Windows Defender SmartScreen: dangerous ransomware also performed similar attacks. Users would be exposed by clicking malicious links that exploit the vulnerability, as reported in security bulletin CVE-2023-36025.

Follow us on Google News for more pills like this

01/25/2024 22:07

Marco Verro

Last pills

Italy's success in cybersecurityHow Italy achieved excellence in global cybersecurity: strategies, collaborations, and international successes

IntelBroker alleged breach of Deloitte systemsServer exposed: how Deloitte's security may have been compromised by a cyber attack

Vo1d infections on Android TV boxes: how to protect your devicesLearn the essential measures to protect your Android TV boxes from the dreaded Vo1d malware and keep your devices safe from cyber threats

Hacker attack in Lebanon: Hezbollah under fireTechnological shock and injuries: cyber warfare hits Hezbollah in Lebanon