New Malware Campaign Uses Cracked Software to Spread Lumma and ACR Stealer

Summary: Cybersecurity researchers have identified a growing number of campaigns that use cracked software versions to spread information stealers like ACR Stealer and Rhadamanthys. These threats employ advanced techniques such as dead drop resolvers and exploit vulnerabilities in Microsoft Management Console to execute malicious payloads. With millions of systems compromised, these malware campaigns pose substantial risks to corporate environments and sensitive data.

Affected: Organizations using cracked software and vulnerable Microsoft systems

Key points:

  • ACR Stealer and Lumma are being distributed through cracked software, leveraging dead drop resolver techniques.
  • Rhadamanthys malware is being delivered through disguised MSC files exploiting CVE-2024-43572, a zero-day vulnerability.
  • Stealer malware campaigns have infected over 30 million computers, enabling theft of corporate credentials that can be traded on underground forums.
  • Threat actors are increasingly using ClickFix techniques to redirect users to execute malicious commands.
  • Advanced malware like I2PRAT uses anonymization networks, complicating tracking efforts.

Source: https://thehackernews.com/2025/02/new-malware-campaign-uses-cracked.html