Last Updated on 22/11/2021 by Anamika
Reportedly, cybercriminals have used a malware campaign to target Windows 10 operating system which is running on Chrome. The attackers have used a technique called User Account Control (UAC) to bypass Windows cybersecurity protections.
According to reports, the researchers of Rapid7 have made some observations regarding the activity. According to them, the malware activity has been carried out to steal sensitive information and also to steal cryptocurrency from the vulnerable systems.
For this malicious malware activity, the attackers have been using a malicious file called HoxLuSfo.exe with certain special codes to steal and get access to the data. Additionally, the malware targets and kills processes and servers named Google, Microsoft Edge, and setu.
The attackers have said to be used Disk Cleanup utility vulnerability to bypass UAC in some version of Windows 10. This allows a native scheduled task to run arbitrary code by tampering with the content of an environment variable. The attackers have used a PowerShell command launched by a suspicious executable, HoxLuSfo[.]exe.According to the reports of Cyware
The reports suggests that the main aim for this malware attack was directly related to financial gains, and hence, stealing cryptocurrency. Experts suggests the people not to open unrecognizable links or links which might seem suspicious to you.