CVE-2024-21412: DarkGate Operators Exploit Microsoft Windows SmartScreen Bypass in Zero-Day Campaign
released on 2024-03-14 @ 04:10:51 PM
A recent DarkGate campaign exploited CVE-2024-21412, a Microsoft Windows SmartScreen bypass vulnerability, through phishing PDFs containing Google DoubleClick redirects that led victims to sites hosting the exploit and fake software installers to deploy the malware payload. The installers used DLL sideloading to execute the malware, which had multiple stages employing encryption and obfuscation to evade detection.