Counterfeit Windows 11 installers are being used by malicious actors to distribute the Vidar information-stealer malware, ZDNet reports.
Zscaler researchers discovered newly registered domains impersonating the real download portal for the Microsoft Windows 11 OS last month. The file offered on the fake website was found to be an .ISO containing the Vidar payload. Telegram channels with the same command-and-control server addresses in threat actors' social media profiles have also been opened. According to the report, attackers have been leveraging a static configuration for C2 access, as well as social media profiles as backup URLs. The report also revealed that several backdoored Adobe Photoshop versions have been observed in a GitHub repository.
"The threat actors distributing Vidar malware have demonstrated their ability to social engineer victims into installing Vidar stealer using themes related to the latest popular software applications. As always, users should be cautious when downloading software applications from the Internet," said researchers.
Various Canadian government agencies, as well as the country's financial and transportation industries, were subjected to distributed denial-of-service attacks by pro-Russian cybercrime operation NoName057(16), according to SecurityWeek.
TechCrunch reports that major payments technology platform Square disclosed that a daylong outage it suffered late last week was prompted by a DNS error and not by a cyberattack. "While making several standard changes to our internal network software, the combination of updates prevented our systems from properly communicating with each other, and ultimately caused the disruption."