A new phishing campaign is making the rounds, and it’s delivering malware to various users through a Windows 10 feature that has so far been considered somewhat useful if innocuous and otherwise harmless. The feature in question is called Windows Finger, and it is a command that essentially allows information contained on a system to be displayed remotely if the user that owns the system permits this information to be displayed in the first place.
It turns out that hackers are using this feature to deliver a new kind of malware known as MineBridge. Most victims receive some kind of an email that apparently contains the job resume of a potential applicant. If the user only skims through the resume things will be fine, but if they were to select the option that would enable editing of said document, malicious actors will be able to access the Windows Finger command use it to deliver and activate the malware.
While this is the first time that Windows Finger has been used to actively deliver malware, it is the second time overall that it’s been used to bypass system security. This allowed malware to be uploaded through other means without raising any alarms.
Microsoft really needs to do something to fix this issue because of the fact that this is the sort of thing that could potentially end up causing a lot of problems for Windows 10 users that are out there. It’s currently unknown if and when Microsoft would end up fixing this issue, so until then it is recommended that all Windows 10 users block this command from being operational. That way even if you get a malware infected file it wouldn’t be able to access the command and subsequently the malicious actor will have failed in their attempts to gain access to your system.
It turns out that hackers are using this feature to deliver a new kind of malware known as MineBridge. Most victims receive some kind of an email that apparently contains the job resume of a potential applicant. If the user only skims through the resume things will be fine, but if they were to select the option that would enable editing of said document, malicious actors will be able to access the Windows Finger command use it to deliver and activate the malware.
While this is the first time that Windows Finger has been used to actively deliver malware, it is the second time overall that it’s been used to bypass system security. This allowed malware to be uploaded through other means without raising any alarms.
Microsoft really needs to do something to fix this issue because of the fact that this is the sort of thing that could potentially end up causing a lot of problems for Windows 10 users that are out there. It’s currently unknown if and when Microsoft would end up fixing this issue, so until then it is recommended that all Windows 10 users block this command from being operational. That way even if you get a malware infected file it wouldn’t be able to access the command and subsequently the malicious actor will have failed in their attempts to gain access to your system.
