
Threat actors launched a massive malware campaign that spoofs the AnyDesk site to infect endpoints with Vidar stealer.

AnyDesk is used by millions of people worldwide for remote connectivity and system administration on Windows, Linux, or macOS. More than 1,300 domains that impersonate the official AnyDesk site were found to redirect users to a Dropbox folder that pushes information-stealing malware.

This is not the first time cybercriminals try to exploit AnyDesk spoofing to distribute malware, since the remote desktop app is so popular.

The Malware Campaign Explained

Cyber researchers discovered that all the hostnames resolve to the 185.149.1209 IP address and made the hostnames list public.

The list of the hostnames includes typosquats for AnyDesk, MSI Afterburner, 7-ZIP, Blender, Dashlane, Slack, VLC, OBS, cryptocurrency trading apps, and other popular software.
