Exploiting CVE-2024-21412: A Stealer Campaign Unleashed
released on 2024-07-24 @ 08:02:13 AM
This report details a malicious campaign exploiting the CVE-2024-21412 vulnerability in Microsoft Windows SmartScreen to bypass security warnings and deliver malware. Attackers employ crafted links, LNK files, and HTA scripts to download decoy PDFs and shell code injectors, ultimately injecting stealers like Meduza and ACR into legitimate processes. The campaign targets various regions and employs different techniques to evade detection, posing a significant threat to affected systems.