Your Windows PC in danger: this terrible virus attacks all your data and your crypto wallets

© Image generated by Dall-E artificial intelligence

Computer security has become a major concern for PC users, especially those running Windows. Recently, Phemedrone Stealer, a new threat compromising the security of personal and professional data has emerged. Identified by Trend Micro experts, this sophisticated malware poses a real and immediate danger to Windows users.

Phemedrone Stealer stands out for its ability to bypass traditional security measures, including Microsoft Defender, the antivirus built into Windows. It mainly targets sensitive data such as usernames and passwords, cryptocurrency wallet information and can even take screenshots without the user's knowledge.

How Phemedrone Stealer puts your personal information at risk

This malware exploits a specific flaw in Windows, known as CVE-2023-36025, which affects Windows Defender Smartscreen. The vulnerability stems from insufficient verification of Internet shortcuts (.url), allowing hackers to generate malicious .url files. These files are designed to download and run harmful scripts, thereby bypassing Smartscreen warnings.

Web browsers, messaging applications such as Steam, Telegram and Discord, as well as FTP clients such as FileZilla, are prime targets for Phemedrone Stealer. The malware can extract passwords, cookies, and even information stored in popular password managers such as LastPass, KeePass, NordPass, Google Authenticator, and Microsoft Authenticator.

200% Deposit Bonus up to €3,000 180% First Deposit Bonus up to $20,000

Even more worrying, Phemedrone Stealer is open source malware.Thus, the malware code is maintained on platforms like Github and Telegram, making it easier for other cybercriminals to distribute and adapt it. This accessibility increases the risk of propagation and diversification of attacks using this malware.

How to protect yourself from Phemedrone Stealer ?

Although Microsoft released a patch for CVE-2023-36025 last November, the threat remains for unpatched systems up to date. It is therefore crucial for Windows users to ensure that their system and antivirus software are up to date with the latest security updates.

In addition to regular updates, users should adopt robust IT security practices. This includes being wary of unknown links and files, using strong password managers, and regularly monitoring accounts for suspicious activity.

• Phemedrone Stealer, a malware targeting Windows users, capable of stealing usernames, passwords and cryptocurrency information, puts your PC at risk
• It exploits the CVE- flaw 2023-36025, a vulnerability in Windows Defender Smartscreen, allowing stealth downloads and executions of malicious scripts
• Microsoft has fixed the flaw, but users should update their systems to protect yourself effectively.

📍 To not miss any news from Presse-citron, follow us on Google News and WhatsApp.