Malware News Hackers increasingly use Winos4.0 post-exploitation kit in attacks

Gandalf_The_Grey

Level 83
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,389
Hackers are increasingly targeting Windows users with the malicious Winos4.0 framework, distributed via seemingly benign game-related apps.

The toolkit is the equivalent of Sliver and Cobalt Strike post-exploitation frameworks and it was documented by Trend Micro this summer in a report on attacks against Chinese users.

At the time, a threat actor tracked as Void Arachne/Silver Fox lured victims with offers of various software (VPNs, Google Chrome browser) modified for the Chinese market that bundled the malicious component.

A report today from cybersecurity company Fortinet indicates an evolution in the activity, with hackers now relying on games and game-related files in their continued targeting of Chinese users.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top