Security Analysts Targeted by Fake PoC
Ransomware attacks have been trending upwards since the beginning of 2022, in addition to the large number of cyber attacks launched by dark web hackers due to the current war led by the Russian empire on the sovereign nation of Ukraine.
With this hacking trend set to explode in 2022, security researchers have used proof-of-concept exploits to evaluate companies' existing safeguards against brute-force cyber security breaches carried out by hackers. The new vulnerability test was created to push business administrators to upgrade their private computer networks and install the proper security protocols.
Zero-day vulnerabilities are the main entryway for threat actors to infect network systems with viruses and malware. Criminal hackers frequently employ them in exploits to commit cyber security breaches, which have been documented to spread laterally throughout infected businesses' data networks.
The recently discovered fake proof-of-concept exploit is just one of many, and such fakes are usually aimed at the cyber-security community. Recently, two proof-of-concept exploits for the Windows CVE-2022-24500 and CVE-2022-26809 vulnerabilities were published on GitHub by a dark web hacker.
The aforementioned exploits were posted in repositories belonging to a threat actor identified by the moniker 'rkxxz'. However, thanks to swift action by cyber security teams, the proof-of-concept exploits were quickly discovered to be fake, with their intended purpose being to install Cobalt Strike on victims' Android devices.
Hackers’ War Against Infosec Community
The Twitter social media platform is often utilized when a proof-of-concept is published by a hacker. With each release, the news gets out quickly and thereby attracts the interest of malicious hacking groups associated with cyber crime forums found mostly on the dark web.
Reports show that dark web hackers are using the same concept that security researchers use to evaluate their own protections against zero-day vulnerabilities. On the other hand, a proof-of-concept exploit is a unique weapon that website administrators can use to justify installing critical security upgrades.
Analytical research shows that hackers routinely employ Cobalt Strike, a legitimate pen-testing tool that can compromise a breached computer network and spread quickly within it.
Cyber security experts studied the PoC report released by cybersecurity firm Cyble and discovered the ease with which a .NET program could purportedly exploit an IP address and infect it with malware through a backdoor.
Threat actors have previously targeted vulnerability researchers and pentesters. In January 2021, the North Korean Lazarus dark web hackers used social media profiles and zero-day vulnerabilities to target the computer networks of cyber security analysts. Additionally, another massive hack in March 2021 by the North Korean hackers involved the information security community.