New SteelFox malware hijacks Windows PCs using vulnerable driver
A new malicious package called 'SteelFox' mines for cryptocurrency and steals credit card data by using the “bring your own vulnerable driver” technique to get SYSTEM privileges on Windows machines.
The malware bundle dropper is distributed through forums and torrent trackers as a crack tool that activates legitimate versions of various software like Foxit PDF Editor, JetBrains and AutoCAD.
Using a vulnerable driver for privilege escalation is common for state-sponsored threat actors and ransomware groups. However, the technique now appears to extend to info-stealing malware attacks.
See more: https://www.bleepingcomputer.com/news/security/new-steelfox-malware-hijacks-windows-pcs-using-vulnerable-driver/
#cybersecurity #malware