Mispadu is a particularly sneaky piece of malware: it exploits the Windows flaw CVE-2023-36025 to attack users. This very dangerous infostealer can steal your banking information.
- Mispadu is an infostealer that exploits Windows CVE-2023-36025 to steal your banking data
- The malware allowed hackers to steal 90,000 banking credentials in 2023
- Another malware called Phemedrone Steal exploits the same flaw
- Update Windows if you have not already done so; the vulnerability was patched in November 2023
Windows users are regularly targeted by cyberattacks. Despite Microsoft’s efforts to ship fixes, many flaws remain to be closed. The operating system is once again under attack, this time from an infostealer called Mispadu, discovered by the specialized company Unit 42.
Mispadu malware exploits CVE-2023-36025
Mispadu is a program written in Delphi that spreads via booby-trapped emails carrying infected attachments or links. Once the user is fooled, the infostealer takes advantage of a flaw in SmartScreen, a Windows feature that scans files and sites and displays warnings if anything looks suspicious. The flaw, CVE-2023-36025, was patched by Microsoft in November 2023, but systems remain vulnerable where users have not applied the update.
The flaw allows Mispadu to circumvent SmartScreen, which lets the malware run without triggering Windows security warnings. The damage is then enormous:
- Mispadu steals sensitive information, including banking data
- It can also display fake windows that imitate the appearance of banking sites and ask the user to enter an identifier or security code
For now, Mispadu mainly targets Latin American countries, especially Mexico. We are talking about 90,000 stolen banking credentials last year. Nothing indicates that this malware is not hitting the rest of the world, France included, or that it will not arrive here soon.
Another malware called Phemedrone Steal wreaks havoc
But Mispadu is not the only malware to exploit this SmartScreen flaw. Another malware called Phemedrone Steal relies on the same technique and steals information stored in browsers, cryptocurrency wallets and applications like Steam, Discord or Telegram.
Phemedrone is also able to collect data on the victim’s hardware, location and operating system. This malware can even take screenshots. The information is then sent to the hackers. Infected machines are controlled remotely by hackers via a command and control server.
So protect yourself: update your Windows operating system to avoid infection and, above all, do not open any attachments or links from suspicious senders. These are the basics!