Another vital Windows tool is being abused to sideload malware

Cybercriminals have been spotted carrying malware (Opens in a new tab) on vulnerable Windows endpoints through a legitimate Windows problem reporting tool called WerFault.exe.

According to researchers from K7 Security Labs, who first discovered the campaign, the hackers (presumably from China) would send a phishing email containing the ISO file. An ISO is an optical disc image file which, when booted, will be mounted as a new drive letter (as if the user had loaded a CD or DVD).

Leave a Comment