Kid@sh.itjust.worksM to Cybersecurity@sh.itjust.worksEnglish · 23 days agoHackers Use Weaponized JPEG File to Deploy Trojanized ScreenConnect Malwarecybersecuritynews.comexternal-linkmessage-square4linkfedilinkarrow-up146arrow-down11
arrow-up145arrow-down1external-linkHackers Use Weaponized JPEG File to Deploy Trojanized ScreenConnect Malwarecybersecuritynews.comKid@sh.itjust.worksM to Cybersecurity@sh.itjust.worksEnglish · 23 days agomessage-square4linkfedilink
minus-squareNickeeCoco@piefed.sociallinkfedilinkEnglisharrow-up14·23 days ago The embedded PowerShell code creates a hidden folder at C:\Systems and downloads a trojanized ScreenConnect package from legitserver.theworkpc[.]com over TCP port 5443. Nothing to see here, just a legit server doing work with the systems.
minus-squareblargh513@sh.itjust.workslinkfedilinkEnglisharrow-up1·23 days agoURL appears to be dead. Tried to pull a copy of that zip file, just times out.
Nothing to see here, just a legit server doing work with the systems.
URL appears to be dead. Tried to pull a copy of that zip file, just times out.