Published on May 23, 2024.
Multiple threat actors are exploiting a design flaw in Foxit PDF Reader to spread various malware, such as Agent Tesla, AsyncRAT, and Remcos RAT. According to Check Point, the flaw misleads users into executing harmful commands by displaying deceptive pop-ups with default "OK" and "Open" options. Malicious payloads are often hosted on Discord's content delivery network (CDN), contributing to the campaign's low detection rate. Notably, Adobe Acrobat Reader, which is more common in sandboxes or antivirus solutions, is not susceptible to this exploit. The flaw is exploited by a range of actors, from e-crime to espionage, including the DoNot Team. Malicious PDFs have been distributed through platforms like Facebook and Trello. Check Point identified several instances where the attack chain involved downloading additional malware, such as credential stealers and cryptocurrency miners, from repositories like GitLab.