The Windows Finger command, which is used to display information about the users on a remote machine is being exploited by hackers. The hackers are using this simple command to cause cyber attacks on Windows 10 devices by infecting them with malware. It has been reported that the command can be abused to download MineBridge malware on undoubting victims’ devices.
As per the report released by the Bleeping Computer, that Kirk Sayre, a security researcher, discovered a new phishing campaign using the Finger Command of Windows 10. The campaign works as a supposed person sends a job resume for a victim to click on. When the unsuspecting person clicks on it, the campaign runs a macro that will use the Finger Command of Windows 10 to download a concealed malware executable. The hacker then uses DLL hijacking to sideload the MineBridge malware.
Read more: Upcoming Android feature ‘Hibernation’, will now reduce size of unused Apps
As this technique of MineBridge malware is not applied for the first time by the
Hackers, last year had been discovered by security researchers at FireEye. At that time a phishing campaign was involved with the same deceitful manner of sending job applications and trapping innocent people.
Although, the rare usage of the Finger command of Windows 10 enables fewer chances of getting stuck in schemes of hackers. However, it would be a positive move if the administration of a system blocks the said command to avert the chances of devices getting infected with the MineBridge Malware.
The increasing popularity of phishing campaigns continues due to the growing number of people working remotely, therefore is high time now that the IT heads in the respective companies and firms take the charge and increase their security measure to avoid cybercrime attacks.
Source: Pro Pakistani
