Legitimate Sites Compromised to Spread Windows Backdoor, In a disturbing trend, cybercriminals are exploiting compromised websites to distribute a Windows backdoor dubbed BadSpace, masquerading as fake browser updates. This multi-stage attack chain involves an infected website, a command-and-control (C2) server, and a JScript downloader to deploy the backdoor onto unsuspecting victims’ systems.

According to German cybersecurity company G DATA, the attack begins with a compromised website, including those built on popular platforms like WordPress. The infected site injects code that checks if a user has visited the site before. If it’s their first visit, the code collects device information, IP address, user-agent, and location, and sends it to a hard-coded domain via an HTTP GET request.

The response from the server overlays the website’s contents with a fake Google Chrome update pop-up window, either dropping the malware directly or downloading and executing BadSpace through a JavaScript downloader. Researchers have linked this campaign to SocGholish, a known JavaScript-based downloader malware that spreads through similar means.

BadSpace is a formidable threat that can:

Harvest system information

Execute commands using cmd.exe
Read and write files

Delete scheduled tasks

Take screenshots

The malware also employs anti-sandbox checks and sets up persistence using scheduled tasks to ensure it remains on the system.

This alarming trend is not unique – both eSentire and Sucuri have warned of separate campaigns leveraging fake browser update lures on compromised sites to distribute information stealers and remote access trojans.

Protect Yourself

To stay safe from this type of attack:

Keep your operating system and software up-to-date

Be cautious when clicking on pop-up windows or download links from unfamiliar sources

Use reputable antivirus software and keep it updated

Avoid visiting compromised websites or those with suspicious URLs

Use strong passwords and enable two-factor authentication

By being aware of this threat and taking proactive measures, you can protect yourself from falling victim to this sneaky attack. Stay vigilant and stay safe online!Unleash Your Online Presence with SunsetHost: 30-Day Free Trial Available. In the world of web hosting, it’s essential to find a provider that meets your unique needs and offers the right balance of features, flexibility, and reliability. That’s where SunsetHost comes in – a web hosting company that provides a range of plans designed to cater to both new and experienced users.

At SunsetHost, we understand that every website is unique, which is why we offer a variety of plans that cater to different requirements. Whether you’re looking to launch a simple blog or a complex e-commerce platform, our web hosting plans have got you covered.

Exclusive Features at Your Fingertips

Our web hosting plans come with a range of exclusive features that set us apart from the competition. For instance, our 1-click popular free web app installation makes it easy to set up popular platforms like WordPress, Joomla, and Drupal with just a few clicks. Additionally, you’ll get access to free marketing tools, such as SEO tools and analytics software, to help you promote your website and track its performance.

But that’s not all – our web hosting plans also come with a charge-free website builder and a range of free web skins to help you create a stunning online presence without breaking the bank.

Unlimited Storage and Data Traffic

At SunsetHost, we understand that storage space and data traffic are critical components of any web hosting plan. That’s why our plans come with unlimited data storage and data traffic quotas, ensuring that your website can grow without any limitations.

Domain Name Registration and Multi-Domain Hosting

With our web hosting plans, you can register a domain name and host multiple domain names under one account. This means you can manage all your online properties from a single dashboard, making it easy to keep track of your online presence.

30-Day Free Trial: Test Drive Our Services

We’re so confident in our services that we’re offering a 30-day free trial for all new users. This gives you the opportunity to test drive our services and see how they meet your needs before committing to a paid plan.

SunsetHost is the perfect choice for anyone looking for reliable, feature-rich web hosting services. With our 30-day free trial, you can experience the best of our services without any financial risk. So why wait? Sign up for our free trial today and take the first step towards unleashing your online presence!