Trend Tide News

Chinese Gamers Targeted in Winos4.0 Framework Scam



Researchers are warning of an advanced malicious framework called Winos4.0 that is being distributed inside installation tools, speed boosters, and optimization utilities for gaming applications.

The framework is rebuilt from Gh0st RAT and consists of several modular components, each handling a different function. It has been deployed in several attack campaigns, such as Silver Fox and Void Arachne.

"Winos 4.0 is an advanced malicious framework that offers comprehensive functionality, a stable architecture, and efficient control over numerous online endpoints to execute further actions," Fortinet FortiGuard Labs researchers stated.

The campaigns using this framework have been previously documented by Trend Micro and the KnownSec 404 Team and have been observed targeting Chinese-speaking users, leveraging SEO tactics, social media, and messaging platforms like Telegram to distribute the malware.

Once the victim runs the application, the application retrieves a fake BMP file from the server ad59t82g[.]com. According to the researchers, the DLL responsible for setting up the execution environment is then extracted from that file.

The attack chain relies on multiple pieces of encrypted data and on C2 communication to complete the injection of the malware.
