Microsoft says Austrian company sells spyware, has fixed related vulnerabilities

Visit the original URL

New cool products will be tested for free for the first time, and many high-quality talents will share their unique life experiences. Come to Sina Public Test and experience the most cutting-edge, most interesting and fun products in various fields~! Download the client and get exclusive benefits!

According to The Register, Microsoft’s Threat Intelligence Center (MSTIC) alleges that an Austrian company sells spyware that can monitor the computers of law firms, banks and consulting firms without authorization.

Microsoft said that while Austrian DSIRF appears to be a legitimate company, research has found various links to the spyware SubZero (which Microsoft calls Knotweed), such as the command and control infrastructure used by the software linked to DSIRF, The GitHub account associated with DSIRF has carried out an attack, etc.

Microsoft said the software had attacked law firms, banks and strategic consultancies in countries including Austria, the United Kingdom and Panama. The software, which is distributed via emailed PDF files , exploits zero-days that allow the software to gain control of the computer.

It is worth mentioning that SubZero software, as a Trojan virus, can completely control the attacked system. When the attack is successful, the software will lurk in the background and can capture screenshots, keylogging and even download plugins from the server.

While the company still sells spyware, Microsoft has flagged the security flaw as CVE-2022-22047, and it has been patched to fix it. Therefore, Microsoft recommends that users keep system security patches updated and malware detection.

IT Home has learned that DSIRF is a private attack company (Private-Sector Offensive Actors, referred to as PSOA), which Microsoft refers to as cyber mercenaries. DSIRF, which serves multinational companies in the technology, retail, energy and financial sectors, has a suite of highly sophisticated technologies for collecting and analyzing information, according to its website.

In addition, the website shows that the company can conduct investigations and risk analysis through in-depth knowledge of individuals and entities, DSIRF has a highly skilled team to challenge your company’s key assets.

media coverage

CNBeta CNBeta IT Home Sina Technology
Related events

This article is reprinted from:
This site is for inclusion only, and the copyright belongs to the original author.

Leave a Comment

Your email address will not be published.