
Ethical Hacking

Wade Mackey

Matthew Bryan

FIN7 Hackers Using Windows 11 Themed Documents to Drop Javascript Backdoor

September 5, 2021 by Matthew Bryan

This is a good example of knowing your intended target and providing the right context to increase perceived legitimacy, e.g. capitalizing on Microsoft’s recent announcement of Windows 11.  Specifically, I thought the following items were interesting and relevant to our upcoming discussion on reconnaissance.

The FIN7 script checked for the following on the victim’s machine and terminated itself if either was found:

  • Eastern European languages in use
  • Running within a virtual environment such as VMware or VirtualBox

The items above would be atypical for their ideal victim. Stopping the script when the above criteria are met helps avoid detection by security researchers and extends the lifespan of the attack.

https://thehackernews.com/2021/09/fin7-hackers-using-windows-11-themed.html

Tagged With: Week 2

Microsoft Warns of Widespread Phishing Attacks Using Open Redirects

August 29, 2021 by Matthew Bryan

I thought this was interesting and provided a great explanation of the phishing campaign. Using reCAPTCHA during the link redirects is a good example of building false trust with users in an effort to exploit them.

I also thought the parameter-passing approach was particularly devious to avoid detection by email gateways.

Link: Microsoft Warns of Widespread Phishing Attacks Using Open Redirects

Tagged With: Week 1
