Fake Google Chrome Sites Distribute ValleyRAT Malware via DLL Hijacking

By Admin | February 6, 2025

06 February 2025 | Red Lakshmanan | Cyber Attack / Malware

Bogus websites advertising Google Chrome have been used to distribute malicious installers for a remote access trojan called ValleyRAT.

The malware, first discovered in 2023, is attributed to a threat actor tracked as Silver Fox, whose previous attacks primarily targeted Chinese-speaking regions such as Hong Kong, Taiwan and mainland China.

“This actor has increasingly targeted key roles within organizations, particularly in finance, accounting and sales, highlighting a strategic focus on high-value positions with access to sensitive data and systems,” Morphisec's Schmuel Invo noted in a report published earlier this week.

Earlier attack chains were observed delivering ValleyRAT alongside other malware families such as Purple Fox and Gh0st RAT, the latter of which has been widely used by various Chinese hacking groups.

As recently as last month, fake installers for legitimate software served as a distribution mechanism for the trojan by means of a DLL named PNGPlug.

It is worth noting that a download scheme was previously used to deploy Gh0st RAT using malicious installer packages for the Chrome web browser.

Similarly, the latest attack sequence associated with ValleyRAT uses a fake Google Chrome site to trick targets into downloading a ZIP archive that contains an executable (“setup.exe”).

When executed, the binary checks whether it has administrator privileges and then proceeds to download four additional payloads, including a legitimate executable associated with Douyin (“Douyin.exe”), the Chinese version of TikTok, which is used to sideload a DLL (“Tier0.dll”) that then launches the ValleyRAT malware.

Another DLL (“SSCRONET.DLL”), which is responsible for terminating any running process, is also retrieved.

Compiled in Chinese and written in C++, ValleyRAT is a trojan designed to monitor screen content, log keystrokes and establish persistence on the host. It is also capable of initiating communication with a remote server to await further instructions that allow it to enumerate processes, as well as download and execute arbitrary DLLs and binaries.

“To inject the payload, the attacker abused legitimate signed executables that were vulnerable to DLL search order hijacking,” Yas said.
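The sideloading step described above leaves a recognizable trace in image-load telemetry: a DLL without a valid signature loaded from the same user-writable folder as the executable that loads it. The following detection sketch is an added example, not code from the article or from the cited report; the event field names are modeled on Sysmon Event ID 7 (ImageLoad), and the directory paths and the list of user-writable locations are constructed assumptions.

```python
import ntpath

# Locations a standard user can normally write to (assumption; tune per estate).
USER_WRITABLE_MARKERS = ("\\users\\", "\\programdata\\", "\\windows\\temp\\")


def is_user_writable(directory):
    """True if the directory path falls under a typically user-writable location."""
    d = directory.lower() + "\\"
    return any(marker in d for marker in USER_WRITABLE_MARKERS)


def suspicious_sideloads(events):
    """Return (executable, dll) pairs where a DLL lacking a valid signature is
    loaded from the loading executable's own, user-writable directory."""
    hits = []
    for ev in events:
        exe_dir = ntpath.dirname(ev["Image"]).lower()
        dll_dir = ntpath.dirname(ev["ImageLoaded"]).lower()
        valid_sig = (ev.get("Signed", "false").lower() == "true"
                     and ev.get("SignatureStatus") == "Valid")
        if dll_dir == exe_dir and not valid_sig and is_user_writable(dll_dir):
            hits.append((ntpath.basename(ev["Image"]),
                         ntpath.basename(ev["ImageLoaded"])))
    return hits


# Constructed sample events. File names Douyin.exe and Tier0.dll come from the
# article; every path and signature value here is made up for illustration.
DROP_DIR = r"C:\Users\alice\AppData\Local\Temp\pkg"
SAMPLE_EVENTS = [
    {"Image": DROP_DIR + r"\Douyin.exe", "ImageLoaded": DROP_DIR + r"\Tier0.dll",
     "Signed": "false", "SignatureStatus": "Unavailable"},
    {"Image": DROP_DIR + r"\Douyin.exe",
     "ImageLoaded": r"C:\Windows\System32\kernel32.dll",
     "Signed": "true", "SignatureStatus": "Valid"},
    {"Image": r"C:\Program Files\Vendor\App\app.exe",
     "ImageLoaded": r"C:\Program Files\Vendor\App\plugin.dll",
     "Signed": "false", "SignatureStatus": "Unavailable"},
    {"Image": r"C:\Users\alice\AppData\Local\Tool\tool.exe",
     "ImageLoaded": r"C:\Users\alice\AppData\Local\Tool\helper.dll",
     "Signed": "true", "SignatureStatus": "Valid"},
]

if __name__ == "__main__":
    for exe, dll in suspicious_sideloads(SAMPLE_EVENTS):
        print(f"possible DLL sideload: {exe} loaded {dll}")
```

The rule deliberately ignores unsigned DLLs under Program Files, since writing there requires elevation; pairing hits with the signer of the loading executable narrows results further.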

The development comes as Sophos shared details of phishing attacks that use Scalable Vector Graphics (SVG) attachments to evade detection and deliver AutoIt-based keystroke logging malware such as Nymeria, or to redirect users.
