DarkGate Malware Distribution Campaigns Abusing Windows Defender SmartScreen Vulnerability

DarkGate malware exploits a recently patched Windows Defender SmartScreen vulnerability to install fake software, bypassing security checks. The flaw, CVE-2024-21412, enables attackers to dodge warnings by creating specific Windows Internet shortcuts. Microsoft fixed the issue in February, following its exploitation by the Water Hydra group to distribute DarkMe malware. Trend Micro now reports DarkGate operators using the same flaw to enhance infection rates on targeted systems. This development is significant as DarkGate, alongside Pikabot, fills the void left by QBot's disruption last summer in malware distribution. Read more...