Windows SmartScreen bug exploited to deliver powerful info-stealer (CVE-2023-36025)

A vulnerability (CVE-2023-36025) that Microsoft fixed in November 2023 continues to be exploited by malware peddlers: this time around, the delivered threat is a variant of the Phemedrone Stealer. About the malware Phemedrone Stealer is a piece of malware written in C#, with no dependencies. It’s capable of: Collecting system information (hardware, OS, geolocation) and making screenshots Gathering all data contained in the targed device’s memory Grabbing user files from specific folders (e.g., Documents, Desktop) … More →

The post …

bug collecting cve cve-2023-36025 dependencies don't miss exploited hot stuff info information malware microsoft november november 2023 piece smartscreen stealer system threat trend micro vulnerability windows windows smartscreen written