November 22, 2024

Valley Post

Read Latest News on Sports, Business, Entertainment, Blogs and Opinions from leading columnists.

EMERGENCY NOTICE: Never “copy and paste” this text

EMERGENCY NOTICE: Never “copy and paste” this text

Is Google Chrome asking you to copy and paste the code? Be careful, it may be one Fraud to steal money.

I discovered an internet security company A new technology has the potential to become money-stealing malware. However, fraud can be easily detected and avoided.

Researchers observed this technology as early as March 2024
the Proofpoint, a cybersecurity company, has flagged an ongoing campaign, which mimics the official popup and guides the user with scripts. By following these instructions, he has the ability to steal money. Proofpoint researchers have identified an increasingly popular technique that takes advantage of the unique mechanisms of PowerShell execution and malware installation.

The company says it has “noticed an increase in technology that leverages unique social engineering that directs users to copy and paste malicious PowerShell scripts to infect their computers with malware.”

What is this theft malware?

Experts warn that whether the initial campaign was initiated via spam or delivered via a web browser, the technique is similar. Users are presented with a pop-up text box indicating an error while trying to open the document or web page, and are directed to copy and paste a malicious script into a PowerShell terminal or Windows Run dialog box to eventually execute the script via PowerShell.

Research also shows that cyber criminals use it The technique and you have delivered it to multiple forms of malware.

Same thing via email

Apart from Google Chrome, the same can also be in the form of email lures. Emails, usually those that appear to be business or company related, will contain a HyperText Markup Language file that looks like Microsoft Word and contains a variety of error messages.

See also  Overwatch 2: Intense scream and blast review on Metacritic

Similarly, Prompting users to open PowerShell and copying through malicious code, In a deceptive “campaign” that Proof Point said was widespread. This technique was observed by experts as early as March 2024 by TA571 and in early April by the ClearFake group, as well as in early June by both groups.

How to avoid malware theft?

Although it seems overwhelming, it’s easy to figure out. To avoid this scam, The main feature of the scam is that you will see a pop-up text indicating that an error occurred while trying to open the document or web page. The pop-up window provides instructions for copying and pasting the text either into the PowerShell terminal or into the Windows Run dialog.

On the surface, one might assume that it would be easy to recognize this as unusual and ignore it. But Proofpoint warns, “Although the attack chain requires significant user interaction to be successful, social engineering is clever enough to present what looks like a real problem and a real solution to someone at the same time, which may prompt the user to take action without Looking at the risk.”

The focus seems to be on a lot of installed malware Stealing credentials as well as enabling fraudulent crypto transactionswhere the user uses the device to make their own encryption transfers.

Experts warn that this attack chain requires significant user interaction to be successful.