HotPage Malware Hijacks Browsers With Signed Microsoft Driver

Category: Cybersecurity

Researchers have identified a new malware, HotPage.exe, which disguises itself as an ad-blocking installer but actually injects code into processes and intercepts browser traffic. It redirects users to ads and collects data, exploiting a signed driver from Microsoft linked to a dubious Chinese company. The malware's kernel component poses significant security risks, allowing other threats to execute high-level code. ESET has reported this vulnerability to Microsoft, leading to the removal of the driver from the Windows Server Catalog.

Keywords: malware, HotPage.exe, cybersecurity threats

Source: Infosecurity Magazine

Update At: 7/19/2024

Related Sources

CrowdStrike offers a $10 apology gift card to say sorry for outage

CrowdStrike offered partners a $10 Uber Eats gift card as an apology for a botched update that rendered 8.5 million Windows devices unusable, causing widespread disruptions. However, many recipients reported issues redeeming the gift card, with some receiving cancellation messages. The company acknowledged the incident and expressed commitment to transparency and improvement.

TechCrunch

CrowdStrike offers $10 Uber Eats gift cards to Windows outage victims

CrowdStrike is offering $10 Uber Eats gift cards to customers as an apology for a faulty driver update that caused 8.5 million Windows machines to experience boot loops. However, some users are facing issues redeeming the gift cards due to cancellation errors. The incident had widespread effects, impacting airlines, hospitals, and various businesses globally.

TweakTown

CrowdStrike offers a $10 Uber Eats card to say sorry before pulling the offer

CrowdStrike's attempt to apologize for a global system outage with a $10 Uber Eats gift card backfired, as many clients reported issues redeeming the offer. The outage, caused by a bug in an update, led to significant disruptions across various sectors, including banking and healthcare.

Engadget

CrowdStrike Offers Meager $10 Gift Card as Apology for Massive Outage

CrowdStrike is offering partners a $10 Uber Eats gift card as an apology for a botched update that crashed millions of computers, causing significant disruptions globally. Some recipients reported issues redeeming the voucher. The incident affected around 8.5 million Windows devices, leading to delays in various sectors. CrowdStrike's CEO and chief security officer have both issued apologies and committed to transparency in resolving the issue.

GV Wire

Are North Korean hackers going 'Seoul' searching?

South Korea is investigating a significant leak of military intelligence to North Korea, which may compromise its intelligence operations. Google has fixed an authentication vulnerability in its Workspace service, while Wiz has identified a security flaw in Selenium Grid that exposes thousands of instances to cyber attacks. The UK’s Science Secretary warns of the country's vulnerability to cyber threats, and the shipping industry faces a surge in cyber attacks. Apple has resolved an iCloud outage, and Google Chrome has introduced new protections against malware in encrypted files. Experts discuss the brittleness of modern IT infrastructure and the need for improved resilience.

CyberWire

South Korea Confronts Major Data Breach from Military Intelligence Command

A data breach involving South Korea's Korea Defense Intelligence Command (KDIC) has revealed sensitive information about agents, raising concerns over national security and intelligence operations against North Korea. The breach may have resulted in the leak of personal data to North Korea, prompting investigations and potential severe consequences for those responsible. This incident highlights the ongoing espionage and cyber threats posed by North Korea, particularly in the current geopolitical climate.

The Cyber Express

Russian hacker prosecuted in Georgia among prisoners swapped by U.S.

In November 2008, hackers led by Seleznev accessed 45.5 million debit card numbers from WorldPay, resulting in over $9.4 million stolen from ATMs worldwide. Seleznev, a key figure in the cyberattack, was later prosecuted and ordered to pay significant restitution. He was arrested in 2014 while on vacation and is linked to a larger identity theft organization.

AJC.com

Iran’s Internet Attacked—‘Reported Collapse’ As Israeli Hackers Strike

An Israeli hacking group, WeRedEvils, claimed responsibility for attacks on Iranian internet providers, leading to reported internet outages in parts of Iran. They announced their actions on Telegram, stating they had infiltrated Iranian communications and gathered intelligence. The situation remains unclear, with reports of a potential retaliation from Iran following a recent attack attributed to Israel's military.

Forbes

Israeli hacker group takes responsibility for reported collapse of Wi-Fi in Iran

The Israeli hacker group 'We Red Evils Original' claimed responsibility for WiFi outages in Iran, announcing their intent to attack internet systems. Reports indicate internet blackouts in parts of Iran, particularly Tehran. The group has previously hacked into Iran's oil infrastructure and blocked communication for the Hadid family. They also claimed to have disrupted internet access in Yemen in response to Houthi missile launches.

The Jerusalem Post

Iranian Internet Attacked by Israeli Hacktivist Group: Reports

WeRedEvils, an Israeli hacktivist group, claimed responsibility for a cyberattack that disrupted internet access in parts of Iran, including Tehran. The group announced the attack via Telegram, stating they successfully infiltrated Iranian communications and gathered sensitive information. This incident follows heightened tensions after the assassination of Hamas leader Ismail Haniyeh by Israeli forces, with Iran reportedly preparing a retaliatory response. WeRedEvils has a history of cyberattacks against Iranian infrastructure, including previous disruptions to oil systems and the electrical grid.

Security Boulevard