#DarkMeMalware

Microsoft Patches Two Zero-Days Exploited for Malware Delivery

by

April 10, 2024 at 06:18AM Microsoft’s April 2024 Patch Tuesday updates fix around 150 vulnerabilities, including two zero-day exploits. The first, CVE-2024-26234, involves a proxy driver spoofing flaw in Windows, reportedly linked to an Android app named LaiXi associated with a backdoor. Microsoft addressed this issue by adding relevant files to its driver revocation list. … Read more

DarkMe Malware Targets Traders Using Microsoft SmartScreen Zero-Day Vulnerability

by

February 14, 2024 at 02:39AM A zero-day exploit in Microsoft Defender SmartScreen, leveraged by the threat actor Water Hydra (aka DarkCasino), targets financial market traders. Exploiting CVE-2024-21412, the attacker convinces victims to click on a booby-trapped URL, bypassing security checks. The end goal is to deliver the DarkMe trojan, capable of executing additional instructions and … Read more