Malvertising Alert: Deceptive Tactics Targeting Notepad++ and VNote Installers
Tags
| country: | China |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Malvertising - T1583.008 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Ssh - T1021.004 |
Common Information
| Type | Value |
|---|---|
| UUID | 46b4eb14-a409-4a01-9b19-7049013f45c0 |
| Fingerprint | 39a1184622b775b8 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | April 10, 2024, 3:33 p.m. |
| Added to db | Aug. 31, 2024, 7:09 a.m. |
| Last updated | Nov. 17, 2024, 5:57 p.m. |
| Headline | Malvertising Alert: Deceptive Tactics Targeting Notepad++ and VNote Installers |
| Title | Malvertising Alert: Deceptive Tactics Targeting Notepad++ and VNote Installers |
| Detected Hints/Tags/Attributes | 48/3/11 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 170 | ✔ | Malvertising on Medium | https://medium.com/feed/tag/Malvertising | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | vnote.fuwenkeji.cn |
|
| Details | Domain | 1 | vnote-1321786806.cos.ap-hongkong.myqcloud.com |
|
| Details | Domain | 1 | vnote.info |
|
| Details | Domain | 1 | vnotepad.com |
|
| Details | Domain | 2 | myqcloud.com |
|
| Details | Domain | 280 | thehackernews.com |
|
| Details | Domain | 403 | securelist.com |
|
| Details | File | 1 | 0-plugin-installer.exe |
|
| Details | File | 1 | malicious-ads-targeting-chinese-users.html |
|
| Details | Url | 1 | https://thehackernews.com/2024/03/malicious-ads-targeting-chinese-users.html |
|
| Details | Url | 1 | https://securelist.com/trojanized-text-editor-apps/112167 |