Russia-linked hackers used Mozilla and Windows vulnerabilities to launch attacks

The hackers use a so-called zero-click exploit that does not require user interaction. For a device to be infected, the victim must visit a malicious site controlled by the group. After this, the RomCom backdoor is installed on the computer, giving attackers full access to the device, including the ability to execute commands and load additional modules.

ESET researcher Damien Schaffer told TechCrunch that the scale of the RomCom campaign varies greatly: from single attacks in individual countries to the destruction of hundreds of devices. According to him, the number of potential victims in different countries could reach 250 people, with most of them in Europe and North America. He also emphasized that the high technical sophistication of the exploits indicates the serious training of the hackers and their ability to develop complex and hidden attack methods.

Mozilla released a security update for Firefox on October 9, 2024, just one day after ESET notified the company of the issue. A similar update was released by the Tor Project, although Schaffer says no evidence has yet been found that the Tor browser has been compromised. Microsoft, in turn, closed the vulnerability in Windows on November 12, which also confirms the seriousness of the threat.


Source: rb.ru