Kid@sh.itjust.worksM to Cybersecurity@sh.itjust.worksEnglish · 8 days agoHackers Use Weaponized JPEG File to Deploy Trojanized ScreenConnect Malwarecybersecuritynews.comexternal-linkmessage-square4linkfedilinkarrow-up151arrow-down11
arrow-up150arrow-down1external-linkHackers Use Weaponized JPEG File to Deploy Trojanized ScreenConnect Malwarecybersecuritynews.comKid@sh.itjust.worksM to Cybersecurity@sh.itjust.worksEnglish · 8 days agomessage-square4linkfedilink
minus-squareNickeeCoco@piefed.sociallinkfedilinkEnglisharrow-up16·8 days ago The embedded PowerShell code creates a hidden folder at C:\Systems and downloads a trojanized ScreenConnect package from legitserver.theworkpc[.]com over TCP port 5443. Nothing to see here, just a legit server doing work with the systems.
minus-squareblargh513@sh.itjust.workslinkfedilinkEnglisharrow-up1·8 days agoURL appears to be dead. Tried to pull a copy of that zip file, just times out.
Nothing to see here, just a legit server doing work with the systems.
URL appears to be dead. Tried to pull a copy of that zip file, just times out.