Hackers exploited a Windows SmartScreen security flaw (CVE-2024-21412) to deliver DarkGate malware via phishing emails.

Hackers exploited a Windows SmartScreen security flaw before it was patched, using it to drop the DarkGate malware. The attack involved phishing emails with malicious PDFs, open redirects via Google DoubleClick Digital Marketing, and Microsoft installers impersonating legitimate software. The vulnerability, CVE-2024-21412, was part of a wider campaign from the threat actor known as Water Hydra.

March 14, 2024
3 Articles

Further Reading