Vidar distributed through backdoored Windows 11 downloads and abusing Telegram
May 19, 2022, 3 p.m. | Sudeep Singh
Security Boulevard securityboulevard.com
Summary
In April 2022, ThreatLabz discovered several newly registered domains, which were created by a threat actor to spoof the official Microsoft Windows 11 OS download portal. We discovered these domains by monitoring suspicious traffic in our Zscaler cloud. The spoofed sites were created to distribute malicious ISO files that lead to a Vidar infostealer infection on the endpoint. These variants of Vidar malware fetch the C2 configuration from attacker-controlled social media channels hosted on the Telegram and Mastodon networks.
ThreatLabz …