Delete please

vitalker · 04-08-2022, 03:02 AM

What do you think about it?

https://www.bleepingcomputer.com/new...alware-loader/

papagirafe · 04-08-2022, 04:35 AM

Always possible as any developer might insert malware inadvertently in their installation packages but unlikely IMHO. The same thing has been said about chips manufactured in China that are suspected to include dormant instructions for espionage.

vitalker · 04-08-2022, 04:37 AM

Quote:

Originally Posted by papagirafe

The same thing has been said about chips manufactured in China that are suspected to include dormant instructions for espionage.

Why do you think it can't be true? They knew who is the client.

papagirafe · 04-08-2022, 06:38 AM

Quote:

Originally Posted by vitalker

Why do you think it can't be true? They knew who is the client.

My initial feeling was only based on the the fact that I've heard so many similar stories in my carrer from dubious websites. But now that I have checked the credential of bleepingcomputer I take it much more seriously. This claim being likely true, I doubt a home/home office setup would be of any interest to the Cicada group and my understanding is that it takes a combination with a vulnerability in a microsoft product used almost only in big entreprises. Still, makes you wonder how many of these exists in other apps...

vitalker · 04-08-2022, 07:04 AM

Quote:

Originally Posted by papagirafe

My initial feeling was only based on the the fact that I've heard so many similar stories in my carrer from dubious websites. But now that I have checked the credential of bleepingcomputer I take it much more seriously. This claim being likely true, I doubt a home/home office setup would be of any interest to the Cicada group and my understanding is that it takes a combination with a vulnerability in a microsoft product used almost only in big entreprises. Still, makes you wonder how many of these exists in other apps...

Well they also can use backdoors made for intelligence agencies (not Chinese of course).

cyrano · 04-11-2022, 02:54 AM

Quote:

There is evidence that some initial access to some of the breached networks was through a Microsoft Exchange server...

Once you have access to a server, or a network, the rest is simple and there are numerous options available.

The reason they used VLC is that it's popular and they probably noticed it was present on most targets.

vitalker · 04-11-2022, 03:00 AM

Quote:

Originally Posted by cyrano

Once you have access to a server, or a network, the rest is simple and there are numerous options available.

The reason they used VLC is that it's popular and they probably noticed it was present on most targets.

Yeah, I understand that.

So fake news?

cyrano · 04-11-2022, 04:03 AM

Not fake news.

It just amazes me a bit that the media's publicity department didn't cut it. Usually that's what happens.

04-08-2022, 03:02 AM	#1
vitalker Human being with feelings Join Date: Dec 2012 Posts: 13,333	Delete please What do you think about it? https://www.bleepingcomputer.com/new...alware-loader/ __________________ Donate►Chroma - coloring tool►SoundCloud►All the REAPER names Last edited by vitalker; 04-11-2022 at 04:25 AM.

04-11-2022, 04:03 AM	#8
cyrano Human being with feelings Join Date: Jun 2011 Location: Belgium Posts: 5,246	Not fake news. It just amazes me a bit that the media's publicity department didn't cut it. Usually that's what happens. __________________ In a time of deceit telling the truth is a revolutionary act. George Orwell

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

04-08-2022, 04:35 AM	#2
papagirafe Human being with feelings Join Date: Aug 2020 Location: Brasil Posts: 690	Always possible as any developer might insert malware inadvertently in their installation packages but unlikely IMHO. The same thing has been said about chips manufactured in China that are suspected to include dormant instructions for espionage.