Increase In The Exploitation Of Microsoft SmartScreen Vulnerability…

216.73.216.6

Increase In The Exploitation Of Microsoft SmartScreen Vulnerability CVE-2024-21412

· Published 11/07/2024 13:12 · Modified 11/07/2024 13:36

Essential information

Published: 11/07/2024 13:12
Modified: 11/07/2024 13:36
Tags: 2024-07-11 CVE-2024-21412 lumma malicious meduza stealer phishing spam stealer vulnerability
Related entities: 12 observables, 9 techniques (mitre), 2 malware, 3 others

Description

Cyble analyzes an ongoing campaign exploiting a Microsoft SmartScreen vulnerability to deliver stealers through spam emails. The campaign employs lures related to healthcare, transportation, and tax notices to trick users into downloading malicious payloads. It utilizes techniques like DLL sideloading and IDATLoader to inject the final payload. The malicious activity culminates in the deployment of Lumma and Meduza Stealer for data theft.

External references

https://cyble.com/blog/increase-in-the-exploitation-of-microsoft-smartscreen-vulnerability-cve-2024-21412/
https://otx.alienvault.com/pulse/668fda28adab48347ee153c0