New OBSCURE#BAT Malware Targets Users with Fake Captchas

A new malware campaign named OBSCURE#BAT has emerged, exploiting social engineering tactics and fake software downloads to deceive users, steal data, and remain undetected on systems. Cybersecurity researchers at Securonix Threat Labs have identified this threat and warned users about the dangers posed by this malicious campaign.

The attack begins when a user unwittingly executes a malicious batch file, which is often disguised as a legitimate security feature or software download. Once the malware is executed, it establishes itself by creating scheduled tasks and manipulating the Windows Registry to ensure persistence even after system reboots.

To avoid detection, the malware utilizes a user-mode rootkit to conceal its presence on the system. This rootkit is capable of hiding files, registry entries, and running processes, making it challenging for users and security tools to detect the malicious activity. By embedding itself into legitimate system processes and services, the malware can evade detection and continue its nefarious operations.

Similar to recent campaigns, the OBSCURE#BAT malware campaign leverages fake captchas and malicious software downloads to lure users into executing the malicious code. Attackers disguise their files as legitimate applications, such as Tor Browser or Adobe products, increasing the likelihood of users falling victim to the scam. Fake captchas, especially those imitating Cloudflare’s captcha feature, trick users into executing the malicious code, leading to further exploitation of their systems.

The evasion techniques employed by the OBSCURE#BAT malware campaign pose a significant threat to both individuals and organizations. By using API hooking, the malware hides its files, registry entries, and running processes from common tools like Windows Task Manager, making detection more difficult. Additionally, the malware manipulates the registry by registering a fake driver to ensure persistence and implements stealthy logging to monitor user interactions, further complicating detection and analysis.

Securonix’s detailed technical report reveals that the OBSCURE#BAT malware campaign primarily targets users in countries like Canada, Germany, the United States, and the United Kingdom. The attack appears to be financially motivated or espionage-related, underscoring the severity of the threat posed by this malware campaign.

To protect themselves from the OBSCURE#BAT attack and similar threats, users and organizations are advised to follow key security measures. These include downloading software only from legitimate sources, deploying endpoint logging tools for enhanced detection capabilities, monitoring systems for suspicious activity, and utilizing threat detection tools such as behavioral analysis and machine learning-based systems.
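As an added illustration of the endpoint-logging advice (example code written for this page, not taken from the Securonix report), the sketch below correlates process-creation events to flag the chain the article describes: a batch file run from a user-writable folder whose descendants create a scheduled task or write a service/driver registry key. The event fields, host names, paths and the `ExampleDrv` key are constructed sample data, and the path and command patterns are assumptions about how such activity would appear in Sysmon-style logs.

```python
import re

# Constructed process-creation records (Sysmon Event ID 1 style fields), not from the report.
EVENTS = [
    {"host": "ws-01", "pid": 610, "ppid": 500, "image": r"C:\Windows\System32\cmd.exe",
     "cmd": r'cmd.exe /c "C:\Users\alice\Downloads\installer.bat"'},
    {"host": "ws-01", "pid": 620, "ppid": 610, "image": r"C:\Windows\System32\powershell.exe",
     "cmd": "powershell.exe -NoProfile -File stage.ps1"},
    {"host": "ws-01", "pid": 630, "ppid": 620, "image": r"C:\Windows\System32\schtasks.exe",
     "cmd": r'schtasks.exe /create /tn "Updater" /tr "C:\Users\alice\AppData\Roaming\u.bat" /sc onlogon'},
    {"host": "ws-01", "pid": 640, "ppid": 620, "image": r"C:\Windows\System32\reg.exe",
     "cmd": r'reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\ExampleDrv" /v Type /d 1 /f'},
    # Benign look-alike: an admin shell creating a task, with no user-folder batch ancestor.
    {"host": "ws-02", "pid": 700, "ppid": 4, "image": r"C:\Windows\System32\powershell.exe",
     "cmd": "powershell.exe"},
    {"host": "ws-02", "pid": 710, "ppid": 700, "image": r"C:\Windows\System32\schtasks.exe",
     "cmd": r'schtasks.exe /create /tn "Backup" /tr "C:\Program Files\Backup\run.exe" /sc daily'},
]

# Assumed patterns: batch script under a user-writable folder, and two persistence actions.
USER_SCRIPT = re.compile(r'\\(downloads|appdata|temp)\\[^"]*\.(bat|cmd)\b', re.I)
PERSIST = {
    "scheduled_task": re.compile(r"\bschtasks(\.exe)?\b.*\s/create\b", re.I),
    "service_or_driver_key": re.compile(
        r'\breg(\.exe)?\s+add\s+"?hklm\\system\\currentcontrolset\\services\\', re.I),
}

def is_script_root(ev):
    """True when cmd.exe is running a .bat/.cmd from a user-writable directory."""
    return ev["image"].lower().endswith("cmd.exe") and bool(USER_SCRIPT.search(ev["cmd"]))

def find_persistence_chains(events):
    """Return (host, persistence kind, root script pid) for each flagged chain."""
    by_pid = {(e["host"], e["pid"]): e for e in events}  # ignores PID reuse for brevity
    findings = []
    for ev in events:
        kinds = [k for k, rx in PERSIST.items() if rx.search(ev["cmd"])]
        if not kinds:
            continue
        cur, seen = ev, set()
        while cur and cur["pid"] not in seen:  # walk up the parent chain, guarding against loops
            seen.add(cur["pid"])
            if is_script_root(cur):
                findings += [(ev["host"], k, cur["pid"]) for k in kinds]
                break
            cur = by_pid.get((cur["host"], cur["ppid"]))
    return findings

if __name__ == "__main__":
    for finding in find_persistence_chains(EVENTS):
        print(finding)
```

Because a user-mode rootkit filters what tools on the infected host can enumerate, this kind of correlation is best run on events that were recorded at process creation and forwarded off the host.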

By staying vigilant and implementing cybersecurity best practices, users can safeguard themselves against the dangers posed by the OBSCURE#BAT malware campaign and protect their systems from potential compromise.
