- A now-fixed Windows Defender SmartScreen vulnerability is being exploited to spread DarkGate malware.
- The flaw allows threat actors to circumvent security checks and leverage fake software for automatic installations.
Security researchers reportedly found a new DarkGate malware campaign in January 2024, which exploited a vulnerability in Windows Defender SmartScreen by leveraging fake software installers. Microsoft has now fixed the flaw through patch updates. SmartScreen is a prominent Windows Defender feature that displays warnings if users run suspicious or unrecognized programs from the web. The flaw allows malicious files to bypass these warnings.
Bad actors exploit compromised sites hosting the Microsoft Windows SmartScreen bypass CVE-2024-21412 (CVSS score: 8.1) to lure targeted Windows users through PDF links with Google Ad technologies redirect URLs, which led to the download of fake versions of NVIDIA, Apple iTunes, and other installers. These malicious programs included a DLL file that infected targeted devices with a DarkGate malware payload.
See More: Stanford University Reports Data Breach That Impacted 27,000 Individuals
Using open redirect links with…
