A vulnerability (CVE-2023-36025) that Microsoft fixed in November 2023 continues to be exploited by malware peddlers: this time around, the delivered threat is a variant of the Phemedrone Stealer. About the malware Phemedrone Stealer is a piece of malware written in C#, with no dependencies. It’s capable of: Collecting system information (hardware, OS, geolocation) and making screenshots Gathering all data contained in the targed device’s memory Grabbing user files from specific folders (e.g., Documents, Desktop) … More

The post Windows SmartScreen bug exploited to deliver powerful info-stealer (CVE-2023-36025) appeared first on Help Net Security.