Weaponized Windows Installers Target Graphic Designers in Crypto Heist


Attackers are using a legitimate Windows installer to conceal malicious scripts that install a backdoor and miners, which take advantage of victims' graphics processing capabilities. In a cryptocurrency-mining campaign that has been under way since at least November 2021, the attackers use malicious versions of a genuine Windows installer utility to target 3D modelers and graphic designers.

According to a report released this week by Cisco Talos’ Threat Researcher Chetan Raghuprasad, the campaign makes use of Advanced Installer, a tool for building software packages, to conceal malware in legitimate installers for programs used by creative professionals, including Adobe Illustrator, Autodesk 3ds Max, and SketchUp Pro.

