Resident Pulser@infosec.pubB to

Pulse of Truth@infosec.pubEnglish · 23 hours ago

GoDaddy found malware on 1,980 WordPress sites using Steam as C2 infrastructure

securityaffairs.com

1

14

GoDaddy found malware on 1,980 WordPress sites using Steam as C2 infrastructure

securityaffairs.com

Resident Pulser@infosec.pubB to

Pulse of Truth@infosec.pubEnglish · 23 hours ago

1

Malware on approximately 2,000 WordPress sites hid C2 instructions in Steam profile comments using invisible Unicode.

Malware on approximately 2,000 WordPress sites hid C2 instructions in Steam profile comments using invisible Unicode. GoDaddy researchers spotted a command-and-control infrastructure for a malware campaign abusing Valve’s Steam gaming platform. The experts discovered malware on approximately 1,980 WordPress sites that fetches its instructions by reading Steam Community profile comments, where the actual payload is […]

Chat

vagrancyand@sh.itjust.works
link
fedilink
English
arrow-up
3·
23 hours ago
I know DoTA’s unpopular these days but calling it malware is silly.

Just kidding, this is actually incredibly interesting and hopefully won’t mean the end of arbitrary unicode on steam profiles.

Pulse of Truth@infosec.pub

pulse_of_truth@infosec.pub

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !pulse_of_truth@infosec.pub

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

208 users / day
681 users / week
1.43K users / month
3.39K users / 6 months
1 local subscriber
2.41K subscribers
2.41K Posts
2K Comments
Modlog

mods:
krogoth@infosec.pub