Hackers Using Microsoft MSHTML Flaw to Spy on Targeted PCs with Malware

21
Hackers Using Microsoft MSHTML Flaw to Spy on Targeted PCs with Malware

A new Iranian threat actor has been discovered exploiting a now-addressed critical flaw in the Microsoft Windows MSHTML platform to target French-speaking victims of a new PowerShell-based information criminal designed to harvest more information on viral machines.

About half of the targets are from the US, and the cybersecurity company notes that the attacks may have been aimed at “Iranian people living abroad and may be seen as a threat to the Islamic State of Iran.

The phishing scam, which began in July 2021, involved the exploitation of CVE-2021-40444, a remote error code that could be exploited using Microsoft’s specially designed Microsoft Office scripts.

Read More: Thehackernews

For more such updates follow us on Google News ITsecuritywire News