Chinese APT Hackers Attack Windows Users via FakeNarrator Malware to Implant PcShare Backdoor

[correlate]

[correlate]

Level 18
Thread author
Top Poster
Well-known
May 4, 2019
801
Content source
https://gbhackers.com/fakenarrator-malware/?fbclid=IwAR2cMi1ufa-HAIaQQCjPRTb8RKB4_wzYrIg1vPswy6o2KMZFwIo20wnXPc4
Chinese APT hackers launching a FakeNarrator malware to attack technology companies using windows computers and implant modified version of open-source PcShare backdoor.

Threat actors loaded this open-source software in victims machine with the help of legitimate NVIDIA application and also deploy the FakeNarrator screen reader application to replace the Windows built-in Narrator, a free screen reader in Microsoft Windows nad bypass the Windows “Easy access” feature
Click to expand...

gbhackers.com

Chinese APT Hackers Attack Windows Users via FakeNarrator Malware to Implant PcShare Backdoor

Chinese APT hackers launching a FakeNarrator malware to attack technology companies using windows computers and implant modified version of open-source PcShare backdoor.
gbhackers.com gbhackers.com
 
  • Like
Reactions: upnorth, Andy Ful, Venustus and 2 others
N

notabot

Level 15
Verified
Oct 31, 2018
703
  • Like
Reactions: harlan4096, Venustus and [correlate]
upnorth

upnorth

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,459
notabot said:
How did they start the chain though/deliver the exploit ?, ie something must have started the chain which exploited the NVIDIA card software
Click to expand...
Attackers exploit the vulnerability when ShadowPlay, NvContainer, or GameStream is enabled with NVIDIA GeForce Experience.
Click to expand...

NVIDIA Security Updates Fixes Critical Vulnerabilities that Allows Hackers Escalate Privileges and Perform DoS Attacks

NVIDIA released security updates that fix vulnerabilities with NVIDIA GeForce Experience. Attackers can exploit this vulnerability to escalate privileges, cause the denial of service attacks and code execution. This vulnerability can be tracked as CVE‑2019‑5674 and it receives the base score of...
gbhackers.com gbhackers.com
rhinosecuritylabs.com

NVIDIA Arbitrary File Writes to Command Execution | CVE-2019-5674 - Rhino Security Labs

A walkthrough of exploiting NVIDIA GeForce Experience through arbitrary file overwrites, CVE-2019-5674.
rhinosecuritylabs.com rhinosecuritylabs.com
 
  • Like
Reactions: harlan4096, stefanos and Venustus
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • +Reputation
    • Like
    • Wow
Hackers infect TP-Link router firmware to attack EU entities
Replies
6
Views
2,066
News Archive
MuzzMelbourne
MuzzMelbourne
silversurfer
    • Like
    • +Reputation
Chinese hackers use new custom backdoor to evade detection
Replies
0
Views
594
News Archive
silversurfer
silversurfer
silversurfer
    • Like
    • +Reputation
StrongPity Hackers Distribute Trojanized Telegram App to Target Android Users
Replies
0
Views
548
News Archive
silversurfer
silversurfer

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top