Kid@sh.itjust.worksM to Cybersecurity@sh.itjust.worksEnglish · 2 months agoHackers Use Weaponized JPEG File to Deploy Trojanized ScreenConnect Malwarecybersecuritynews.comexternal-linkmessage-square4fedilinkarrow-up151arrow-down11cross-posted to: technology@lemmit.online
arrow-up150arrow-down1external-linkHackers Use Weaponized JPEG File to Deploy Trojanized ScreenConnect Malwarecybersecuritynews.comKid@sh.itjust.worksM to Cybersecurity@sh.itjust.worksEnglish · 2 months agomessage-square4fedilinkcross-posted to: technology@lemmit.online
minus-squareNickeeCoco@piefed.sociallinkfedilinkEnglisharrow-up16·2 months ago The embedded PowerShell code creates a hidden folder at C:\Systems and downloads a trojanized ScreenConnect package from legitserver.theworkpc[.]com over TCP port 5443. Nothing to see here, just a legit server doing work with the systems.
minus-squareblargh513@sh.itjust.workslinkfedilinkEnglisharrow-up1·2 months agoURL appears to be dead. Tried to pull a copy of that zip file, just times out.
Nothing to see here, just a legit server doing work with the systems.
URL appears to be dead. Tried to pull a copy of that zip file, just times out.