Microsoft Dissects PipeMagic Modular Backdoor

Microsoft uncovers PipeMagic, a modular backdoor used in ransomware attacks, notably by threat actor Storm-2460, which is linked to RansomEXX. This sophisticated malware employs a modular architecture for stealthy operations and exploits a Windows zero-day (CVE-2025-29824).

Key points

  • PipeMagic is a modular backdoor used in recent ransomware campaigns since early 2023.
  • The malware disguises itself as a legitimate open-source ChatGPT Desktop Application to evade detection.
  • It exploits a Windows zero-day vulnerability (CVE-2025-29824) affecting organizations worldwide.
  • PipeMagic operates mainly in memory, using modules received via named pipes for malicious tasks.
  • Microsoft emphasizes understanding such sophisticated threats to strengthen defense mechanisms against evolving malware.

Read More: https://www.securityweek.com/microsoft-dissects-pipemagic-modular-backdoor/