Overview

Hackers are using fake Windows app packages to spread a new type of malware called GHOSTPULSE. The fake packages impersonate popular software such as Google Chrome, Microsoft Edge, Brave, Grammarly, and Cisco Webex.
The attackers trick people into downloading the fake packages through several methods, such as compromised websites, fake search results, and malicious ads. When someone opens the fake package, a Windows prompt asks them to click the “Install” button. If they do, a hidden PowerShell script downloads the GHOSTPULSE malware onto their computer from a remote server.

Figure 1: https://www.elastic.co/security-labs/ghostpulse-haunts-victims-using-defense-evasion-bag-o-tricks

What does GHOSTPULSE do…

GHOSTPULSE is a type of malware that helps other malware start running on a system. It does this by using process doppelgänging, which creates a fake copy of a legitimate Windows process and loads the malware into that process.

How to keep safe

  • Only download software from trusted sources. This includes the official websites of software developers and app stores.
  • Be careful about clicking on links in emails and messages. If you don’t know the sender, or if the link looks suspicious, don’t click on it.
  • Keep your software up to date. Software updates often include security patches that can help protect you from malware.
  • Use a good antivirus program and keep it up to date. An antivirus program can scan your computer for malware and remove it if it’s found.
  • Be careful about what attachments you open. If you’re not expecting an attachment, or if it is from someone you don’t know, don’t open it.
  • Be careful about what websites you visit. Some websites may contain malware that can be downloaded to your computer without your knowledge.
  • Use a VPN when connecting to public Wi-Fi. A VPN encrypts your traffic, making it more difficult for hackers to intercept your data.
