Security researchers have identified a new wave of attacks using the XWorm malware that exploits the Follina vulnerability. XWorm is a remote access trojan (RAT) that has been previously linked to state-sponsored Chinese hacking groups. The Follina vulnerability is a critical vulnerability in Microsoft Windows systems that was first disclosed in 2022.
The XWorm malware uses Follina to spread across networks and exfiltrate sensitive information. The malware can also open a backdoor to allow attackers to gain remote access to compromised systems. The attacks have been observed targeting a range of organizations in different sectors, including finance, healthcare, and government.
According to security experts, the XWorm malware is particularly dangerous because it can bypass traditional security measures. The malware can evade detection by anti-virus software and firewalls, making it difficult to detect and remove. Moreover, the Follina vulnerability is easily exploitable, and attackers can use it to gain access to vulnerable systems with minimal effort.
The XWorm malware is usually delivered through phishing emails or through exploit kits. Once a user clicks on a malicious link or opens a malicious attachment, the malware is installed on the victim’s system. The malware then establishes communication with a command and control (C&C) server, allowing attackers to remotely control the infected machine.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: