New Winos 4.0 Malware Infects Gamers Through Malicious Game Optimization Apps
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
A command-and-control framework called Winos 4.0 is being distributed through gaming-related applications, targeting Chinese-speaking users. The malware, rebuilt from Gh0st RAT, uses a multi-stage infection process involving fake BMP files, DLLs, and shellcode. It can harvest system information, capture clipboard content, gather cryptocurrency wallet data, and enable backdoor functionality. Winos 4.0 also allows for additional plugins to capture screenshots and upload sensitive documents. The framework is considered powerful, similar to Cobalt Strike and Sliver, and exploits users' trust in game optimization tools to deploy deep system control.
OPENCTI LABELS :
command-and-control,gh0st rat,cryptocurrency wallets,multi-stage infection,winos 4.0,optimization apps
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
New Winos 4.0 Malware Infects Gamers Through Malicious Game Optimization Apps