Source: https://www.linkedin.com/feed/update/urn%3Ali%3Ashare%3A6584837882517745664
ALERT: Don’t Download Fake Web Browser Updates!: #Ransomware #Masquarade as Fake #Browser #Updates on #Vulnerable #ContentManagementSystems: The incidents generally began by threat actors injecting legitimate websites with malicious code disguised as fake browser updates, and were used to distribute #backdoors…
…Financially-motivated threat actors employ tactics that focus on disrupting business processes by deploying ransomware in mass throughout a victim’s environment. Understanding that normal #businessprocesses are critical to organizational success, these ransomware campaigns have been accompanied with multi-million dollar ransom amounts.
In April 2018, FireEye identified a campaign that used compromised websites to deliver heavily obfuscated #Trojan #droppers masquerading as #Chrome, #InternetExplorer, #Opera, and/or #Firefox browser updates. The compromised sites contained #code injected directly into the #HTML or in #JavaScript components rendered by the pages which had been injected. These sites were accessed by victim users either via #HTTP redirects or #WateringHole techniques utilized by the attackers.
Griffiss Institute AFRL Commercialization Academy Venture:
#AIMLExchange AIMLExchange.com We create the Digital Future™