Hackers Exploiting Follina Bug to Deploy Rozena Backdoor

[correlate]

[correlate]

Level 18
Thread author
Top Poster
Well-known
May 4, 2019
801
Content source
https://thehackernews.com/2022/07/hackers-exploiting-follina-bug-to.html
A newly observed phishing campaign is leveraging the recently disclosed Follina security vulnerability to distribute a previously undocumented backdoor on Windows systems.

"Rozena is a backdoor malware that is capable of injecting a remote shell connection back to the attacker's machine," Fortinet FortiGuard Labs researcher Cara Lin said in a report this week.
Click to expand...
thehackernews.com

Hackers Exploiting Follina Bug to Deploy Rozena Backdoor

Hackers exploit the Follina vulnerability to infect Windows systems with the Rozena backdoor.
thehackernews.com thehackernews.com
 
  • Like
Reactions: upnorth, plat, Trooper and 4 others
Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,118
Although the vulnerability was patched several weeks ago via standard Windows updates, there are still many unpatched machines. The attackers use several well-known delivery methods:

While attacks spotted in early April prominently featured Excel files with XLM macros, Microsoft's decision to block macros by default around the same time is said to have forced the threat actors to pivot to alternative methods like HTML smuggling as well as .LNK and .ISO files.
Click to expand...
 
  • Like
  • Thanks
Reactions: plat, Trooper, Fel Grossi and 2 others
You must log in or register to reply here.

Similar threads

silversurfer
    • Like
    • +Reputation
Cybercriminals Exploit Microsoft Word Vulnerabilities to Deploy LokiBot Malware
Replies
0
Views
725
News Archive
silversurfer
silversurfer
Gandalf_The_Grey
    • Like
    • +Reputation
Malware News Google: Russian FSB hackers deploy new Spica backdoor malware
Replies
1
Views
1,498
Security News
Juan2go
J
Lymphocyte
    • Like
    • +Reputation
Malware News SpectralBlur: New macOS Backdoor Threat from North Korean Hackers
Replies
1
Views
1,203
Security News
MuzzMelbourne
MuzzMelbourne

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top