• Bitcoin(BTC)$24,383.00-1.66%
  • Ethereum(ETH)$1,657.83-2.53%
  • Tether(USDT)$1.000.18%
  • BNB(BNB)$310.23-1.26%
  • USD Coin(USDC)$1.000.10%
  • XRP(XRP)$0.39-0.81%
  • Binance USD(BUSD)$1.000.05%
  • Cardano(ADA)$0.39-2.73%
  • Dogecoin(DOGE)$0.09-2.67%
  • Polygon(MATIC)$1.38-6.66%
parkisgold-zz

NCC-CSIRT Warns of New Windows Phishing Attack

0 56

CEM REPORT, ICT | Windows users have been warned against a newly discovered Phishing attack that can load malicious QBot malware on the compromised device without triggering any Windows security alerts.

The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) warns that the vulnerability is present in all versions of Windows-based products.

In its advisory, NCC-CSIRT reports that ProxyLife security researcher discovered the new phishing exploit on Windows zero-day vulnerability to drop a Qbot malware without displaying Mark of the Web (MoTW) security warnings.

parkisgold-zz

“To take advantage of the Windows Mark of the Web zero-day vulnerability, threat actors have switched to a new phishing strategy that involves propagating JS files (plain text files that include JavaScript code) signed with forged signatures.

“The newest phishing attempt begins with an email that contains a password for the file along with a link to an allegedly important document.

“When the link is clicked, a password-protected ZIP folder that includes another zip file and an IMG file is downloaded.

“Normally, launching the JS file in Windows would result in a Mark of the Web security warning because it is an Internet-based file. However, the forged signature permits the JS script to function and load the malicious QBot program without triggering any Windows security alerts,” the advisory said.

Accordingly, NCC-CSIRT advised that users apply updates per vendor instructions.

 

Share this

Leave a Comment

parkisgold-zz
glo advert

CONTINENTAL ECONOMY MAGAZINE is your news, report and analysis website with focus on the economy, business, market and industries. We provide you with the latest news, reports and incisive analysis about the economy and business developments from Nigeria, Africa and the Globe.

Edtior's Picks

Latest Articles