Kid@sh.itjust.worksM to Cybersecurity@sh.itjust.worksEnglish · 2 months agoHackers Use Weaponized JPEG File to Deploy Trojanized ScreenConnect Malwarecybersecuritynews.comexternal-linkmessage-square4linkfedilinkarrow-up149arrow-down11
arrow-up148arrow-down1external-linkHackers Use Weaponized JPEG File to Deploy Trojanized ScreenConnect Malwarecybersecuritynews.comKid@sh.itjust.worksM to Cybersecurity@sh.itjust.worksEnglish · 2 months agomessage-square4linkfedilink
minus-squareNickeeCoco@piefed.sociallinkfedilinkEnglisharrow-up16·2 months ago The embedded PowerShell code creates a hidden folder at C:\Systems and downloads a trojanized ScreenConnect package from legitserver.theworkpc[.]com over TCP port 5443. Nothing to see here, just a legit server doing work with the systems.
minus-squareblargh513@sh.itjust.workslinkfedilinkEnglisharrow-up1·2 months agoURL appears to be dead. Tried to pull a copy of that zip file, just times out.
Nothing to see here, just a legit server doing work with the systems.
URL appears to be dead. Tried to pull a copy of that zip file, just times out.