This article has been indexed from Softpedia News / Security
Cybersecurity experts announced on Wednesday the takedown of a clever malvertising network that targeted AnyDesk and delivered a weaponized installation of the remote desktop software via fake Google ads in search results pages.
The campaign, believed to be launched as early as April 21, 2021, contains a malicious file that masquerades as the notorious AnyDesk and, when executed, downloads a PowerShell implant to collect and exfiltrate system information.
[ORIGIMG=2]
Researchers from Crowdstrike said in a study that “The script had some obfuscation and multiple functions that resembled an implant as well as a hardcoded domain (zoomstatistic[.]com) to ‘POST’ reconnaissance information such as user name, hostname, operating system, IP address, and the current process name”.
According to the company’s website, AnyDesk’s remote desktop …
Read the original article: Trojanized AnyDesk Installer Found in Google Ads