July 29, 2023
A legitimate Windows search feature is being exploited by malicious actors to download arbitrary payloads from remote servers and compromise targeted systems with remote access trojans such as AsyncRAT and Remcos RAT.
The novel attack technique, per Trellix, takes advantage of the “search-ms:” URI protocol handler, which offers the ability for applications and HTML links to launch custom local
The novel attack technique, per Trellix, takes advantage of the “search-ms:” URI protocol handler, which offers the ability for applications and HTML links to launch custom local
Article posted by: https://thehackernews.com/2023/07/hackers-abusing-windows-search-feature.html
——————————————————————————————————————–
Infocerts, 5B 306 Riverside Greens, Panvel, Raigad 410206 Maharashtra, India
Contact us – https://www.infocerts.com
