Tuesday, October 15, 2024

Unseen Before: A New Way to Breach Windows Security!

Taiwanese hackers have discovered a brand-new method to infiltrate the Windows operating system, shocking the cybersecurity community. Here’s everything we know about this unprecedented attack…

A Previously Unseen Windows Vulnerability Uncovered!

A university in Taiwan recently fell victim to a complex cyberattack, exposing a previously undocumented backdoor in the Windows operating system. The method used by the hackers, known as Msupedge, has caught cybersecurity experts off guard, sending alarms across the industry.

According to the Symantec Threat Hunter Team, Msupedge is a dynamic link library (DLL) that communicates with its command-and-control (C&C) server over DNS traffic. This technique, known as DNS tunneling, is rarely seen and typically has a low success rate. However, in this instance, it proved effective.
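The following is an added example, not code from Symantec's report or from this article: one way a defender might search resolver logs for C&C traffic carried over DNS, by flagging parent domains that receive many unique, long, high-entropy subdomain queries. The log format, thresholds, helper names and domain names are assumptions constructed for illustration and do not reflect Msupedge's actual encoding.

```python
import hashlib
import math
from collections import Counter, defaultdict

def shannon_entropy(s):
    """Bits per character of the string's empirical character distribution."""
    counts = Counter(s)
    return -sum(c / len(s) * math.log2(c / len(s)) for c in counts.values())

def split_name(qname):
    """Naive split into (subdomain, parent), where parent = last two labels.
    Assumption for this example; production code should use the Public Suffix List."""
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[:-2]), ".".join(labels[-2:])

def find_tunnel_candidates(queries, min_unique=20, min_mean_len=24, min_entropy=3.0):
    """Return {parent_domain: stats} for domains whose queries look like data
    carried in subdomain labels: many unique, long, high-entropy names."""
    subs = defaultdict(set)
    for _client, qname in queries:
        sub, parent = split_name(qname)
        if sub:
            subs[parent].add(sub)
    flagged = {}
    for parent, names in subs.items():
        mean_len = sum(len(n) for n in names) / len(names)
        mean_ent = sum(shannon_entropy(n.replace(".", "")) for n in names) / len(names)
        if len(names) >= min_unique and mean_len >= min_mean_len and mean_ent >= min_entropy:
            flagged[parent] = {"unique": len(names), "mean_len": round(mean_len, 1),
                               "mean_entropy": round(mean_ent, 2)}
    return flagged

def build_sample_queries():
    """Constructed log of (client_ip, qname) records; no values from the incident."""
    # Ordinary browsing: few distinct names, repeated often.
    q = [("10.0.0.7", n) for n in
         ("www.example.edu", "mail.example.edu", "portal.example.edu")] * 10
    # Many distinct but short hostnames: should NOT be flagged.
    q += [("10.0.0.8", f"host{i:02d}.campus.test") for i in range(30)]
    # Encoded-looking labels under a placeholder domain, standing in for tunneled data.
    q += [("10.0.0.9", hashlib.sha256(str(i).encode()).hexdigest()[:40]
           + ".c2-placeholder.test") for i in range(30)]
    return q

if __name__ == "__main__":
    for domain, stats in find_tunnel_candidates(build_sample_queries()).items():
        print(domain, stats)
```

The thresholds are starting points only; content delivery networks and some security products also generate long, random-looking names, so flagged domains need review against an allowlist before alerting.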

This backdoor allows the attackers to carry out a range of activities on the compromised system, including creating processes, downloading files, shutting down the system for a predetermined period, creating temporary files, and deleting data. While the true intent behind the hackers’ infiltration of the university’s database remains unclear, the capabilities enabled by this backdoor are significant.

In the early stages of the attack, the hackers exploited a critical PHP vulnerability (assigned CVE-2024-4577), which has been given a severity rating of 9.8/10. This remote code execution flaw likely provided the attackers with their initial access to the university’s systems.

As the investigation continues, Taiwanese authorities and cybersecurity professionals are working to assess the full scope of the attack and its impact on the university’s systems.
