Great, hackers have found a new way to infiltrate your computer with malware

Cybersecurity experts recently discovered a new technique for storing malware on an unsuspecting PC. Used by hackers, it involves inserting malware into Windows 11 event logs. To make matters worse, this new technique is designed to make the infection process nearly impossible to detect until it is too late.

Researchers from Kaspersky (thanks, Bleeping Computer) analyzed a recent malware sample on a customer’s computer in February of this year. During their analysis, they discovered that a hacker had managed to plant fileless malware on a victim’s system, hiding it in Windows event logs, a first according to Kaspersky.

This sophisticated attack injects shellcode payloads into Windows event logs in KMS (Key Management Services) via a custom malware dropper and basically hides in plain sight.

The dropper then loads the malicious code by taking advantage of a DLL exploit and disguises itself as a copy of a legitimate error file. So even if you check your event logs, nothing will look out of the ordinary. The attacker can then install a Trojan (or, in this case, multiple Trojans) that will wreak havoc on the system.
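
A defender-side heuristic for this hiding technique, as an added example that is not from the page or from Kaspersky’s report: it scans exported event records for message bodies that are large, high-entropy and mostly non-printable, which is how a stored shellcode chunk differs from ordinary log text. The thresholds, the log and source names, and the sample records are all constructed assumptions for the example.

```python
import math
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: roughly 4-5 for natural-language log text, close to 8 for packed code."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def nonprintable_ratio(data: bytes) -> float:
    """Share of bytes outside printable ASCII (0x20-0x7E); genuine log text is almost all printable."""
    if not data:
        return 0.0
    return sum(1 for b in data if b < 0x20 or b > 0x7E) / len(data)


def is_suspicious(data: bytes, min_size: int = 256,
                  entropy_threshold: float = 6.0, nonprintable_threshold: float = 0.3) -> bool:
    """Flag a record body that is large, high-entropy and largely non-text.
    The thresholds are assumptions for this example, not values from the report."""
    if len(data) < min_size:  # small bodies are ignored: a payload chunk has to carry real code
        return False
    return (shannon_entropy(data) >= entropy_threshold
            and nonprintable_ratio(data) >= nonprintable_threshold)


def scan_events(records):
    """Return the indices of records whose body looks like hidden binary rather than log text."""
    return [i for i, rec in enumerate(records) if is_suspicious(rec["data"])]


# Constructed sample records (not from the page or Kaspersky's report).
# "data" stands for the event's message body as a defender would export it.
FAKE_PAYLOAD = bytes((i * 73 + 41) % 256 for i in range(1024))  # stand-in for an opaque binary chunk
SAMPLE_EVENTS = [
    {"log": "Key Management Service", "source": "KmsRequests",
     "data": b"KMS activation request from client ws-01 succeeded."},
    {"log": "Key Management Service", "source": "KmsRequests", "data": FAKE_PAYLOAD},
    {"log": "Application", "source": "MsiInstaller",
     "data": b"Product: Example App -- Installation completed successfully. " * 20},
    {"log": "Key Management Service", "source": "KmsRequests", "data": FAKE_PAYLOAD[:64]},  # too small
]

if __name__ == "__main__":
    for i in scan_events(SAMPLE_EVENTS):
        rec = SAMPLE_EVENTS[i]
        print(f"record {i}: log={rec['log']} source={rec['source']} "
              f"entropy={shannon_entropy(rec['data']):.2f} nonprintable={nonprintable_ratio(rec['data']):.2f}")
```

Only the second record is flagged: the long but readable installer message and the short binary fragment both pass, so the heuristic points at bulky opaque bodies rather than at every odd-looking entry.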

Denis Legezo, chief security researcher at Kaspersky, told Bleeping Computer that “the actor behind the campaign is quite skilled in his own right, or at least has a good set of pretty deep business tools.”

Kaspersky has not revealed which company was hit by what it calls a “targeted campaign.” The victim of this attack was tricked into downloading a RAR file from a legitimate file-sharing service. Once downloaded, it secretly runs itself, and you’re pretty much screwed.

So how do you defend against an attack like this? You should continue to follow your company’s cybersecurity best practices, such as never clicking on suspicious links in emails and texts. Making sure you know what you’re downloading, and where it’s from, before opening any file or folder remains one of the best defenses we have against the tricks of shady hackers.
