Fake system update drops Aurora stealer via Invalid Printer loader

09-May-23

Whether it comes from advertisements on search engine results pages or through well-known websites, malvertising seems to be experiencing a revival these days. Today’s browsers are more secure than they were five or ten years ago, so many of the attacks we are seeing rely on social engineering in some way.

A threat actor is using fraudulent advertising to redirect users to what appears to be a Windows security update. The scheme is well developed: it relies on the web browser to display a full-screen animation that closely mimics what you might expect from Microsoft. The phoney security update uses a recently discovered loader which, at the time of the campaign, was unaware of malware sandboxes and managed to get past almost all antivirus engines.
