216.73.216.86

Behind the Great Wall Void Arachne Targets Chinese-Speaking Users With the Winos 4.0 CC Framework

· Published 19/06/2024 11:37 · Modified 19/06/2024 12:10

Export JSON

Essential information

Published
19/06/2024 11:37
Modified
19/06/2024 12:10
Tags
2024-06-19 backdoor chinese malware seo poisoning social engineering winos
Related entities
1 vulnerabilities (cve), 46 observables, 1 intrusion sets (apt), 2 techniques (mitre), 1 malware, 1 others

Description

Trend Micro recently discovered a threat actor group dubbed Void Arachne targeting -speaking users with malicious Windows Installer (MSI) files containing legitimate software bundled with malicious payloads. The campaign promotes compromised MSI files embedded with nudifiers, deepfake pornography-generating software, and AI voice and facial technologies. It uses , social media, and messaging platforms for distribution. The installs a during installation, leading to potential system compromise. Void Arachne exploits heightened public interest in software circumventing China's Great Firewall and online censorship.

External references