The initial infection starts when the user clicks on the “Downloads” button present in the phishing site, which downloads a malware named “Anydesk.exe” file from the remote server.įigure 1 – Phishing site impersonating AnyDesk and downloading malware AnyDesk is a remote desktop application that offers remote access to other computers, file transfer, and other functionalities. Recently, CRIL identified a phishing site, “ hxxp://anydeskml,” impersonating a genuine AnyDesk website. Generally, the link of these phishing pages arrives to users via SMS, Email, social networks, etc.Ĭyble Research and Intelligence Labs (CRIL) has also been regularly monitoring various phishing campaigns and discussing them. Phishing sites are becoming an increasingly attractive target for Threat Actors (TAs) to lure victims into stealing sensitive information, and downloading other malware, such as RAT, Ransomware, etc., to damage the victim’s machine. Dubbed information stealer spotted stealing sensitive Data
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |