top of page
juanjomartinez56

Another attack using the software for remote assistance raises concern.

UAE and Kuwait government agencies have been attacked by the Iranian Muddy Water, using a remote management tool, Screen Connect. 🖥


Ravie Lakshmanan describes in The Hacker News the process the attackers follow. 🤓


They start by a phishing email, masquerade to come from the Kuwait Ministry of Foreign Affairs, and take the victims to a legitimate file storage site to download content related to foreign relations and other matters. 📬


The content comes on a .zip file, which also contains the executable of Screen Connect, a legitimate remote control software not detected by the AntiVirus. 🗂


A few days ago, another remote management tool, Teamviewer, was used by a cybercriminal to get access to the controls of a Water Supply Plant in Florida and raise the levels of Sodium Hydroxide. 💣


In both cases, the exploitation of legitimate software, typically used for remote support purposes, has been used as a vector of attack. This raises concern as software for remote assistance is installed in most computers.

📲


Have you checked the existence of remote control software in your organization? 🤔


Do you have mechanisms and alerts to control the execution of this software? ⚠️


Links:

2 visualizaciones0 comentarios

Entradas Recientes

Ver todo

Comments


bottom of page