Gandalf_The_Grey
Level 83
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
- Apr 24, 2016
- 7,389
Hackers are increasingly targeting Windows users with the malicious Winos4.0 framework, distributed via seemingly benign game-related apps.
The toolkit is the equivalent of Sliver and Cobalt Strike post-exploitation frameworks and it was documented by Trend Micro this summer in a report on attacks against Chinese users.
At the time, a threat actor tracked as Void Arachne/Silver Fox lured victims with offers of various software (VPNs, Google Chrome browser) modified for the Chinese market that bundled the malicious component.
A report today from cybersecurity company Fortinet indicates an evolution in the activity, with hackers now relying on games and game-related files in their continued targeting of Chinese users.
Hackers increasingly use Winos4.0 post-exploitation kit in attacks
Hackers are increasingly targeting Windows users with the malicious Winos4.0 framework, distributed via seemingly benign game-related apps.
www.bleepingcomputer.com