top of page
  • juanjomartinez56

Another attack using the software for remote assistance raises concern.

UAE and Kuwait government agencies have been attacked by the Iranian Muddy Water, using a remote management tool, Screen Connect. 🖥

Ravie Lakshmanan describes in The Hacker News the process the attackers follow. 🤓

They start by a phishing email, masquerade to come from the Kuwait Ministry of Foreign Affairs, and take the victims to a legitimate file storage site to download content related to foreign relations and other matters. 📬

The content comes on a .zip file, which also contains the executable of Screen Connect, a legitimate remote control software not detected by the AntiVirus. 🗂

A few days ago, another remote management tool, Teamviewer, was used by a cybercriminal to get access to the controls of a Water Supply Plant in Florida and raise the levels of Sodium Hydroxide. 💣

In both cases, the exploitation of legitimate software, typically used for remote support purposes, has been used as a vector of attack. This raises concern as software for remote assistance is installed in most computers.


Have you checked the existence of remote control software in your organization? 🤔

Do you have mechanisms and alerts to control the execution of this software? ⚠️


3 visualizaciones0 comentarios

Entradas Recientes

Ver todo


bottom of page