Hackercool Magazine June 2023

No editor’s note but do you know it feels awesome while its raining outside and we are working inside our room, until & unless there’s no powercut. "THE NUMBER OF POTENTIALLY BREACHED ORGANIZATIONS SO FAR IS SIGNIFICANTLY GREATER THAN THE INITIAL NUMBER NAMED AS PART OF CLOP’S LAST MFT EXPLOITATION: THE FORTRA GOANYWHERE MFT CAMPAIGN," - RELIAQUEST THIRD FLAW UNCOVERED IN MOVEIT TRANSFER APP…

Hackers don’t send you a malicious EXE and ask you to click on it to get a reverse shell from your system. To make the hacking attack effective, lot of complex processes and steps are employed by them, These steps and processes that are used to infect a target system is called as Infection Chain. Hackers constantly improvise their infection chain to stay above the White Hat guys. In this Issue, we bring you the infection chain of ROKRAT, but first a little background. What is ROKRAT You all know what is a RAT. It is a Remote Administration Tool that is used to monitor computers remotely. ROKRAT was discovered by Cisco Talos Intelligence way back in 201 7. While analyzing a malicious document (maldoc) sent by North Korean hacking…

In our previous Issue, readers have learnt what is Papercut software, what is the vulnerability exposed in that software and how Threat Actors have been quick to exploit this to deploy their favorite payload. We have shown you how the vulnerability is exploited without Metasploit and a payload is dropped on the target system. In this Issue, we will be showing our readers how to exploit this same vulnerability using Metas-ploit module. But here too, we will be simulating a Real-world Scenario, where a threat actor exploited the vulnerability to gain a foothold on the target system, dumped their password hashes and then installed a RAT (Remote Administration Tool) on the target for persistent access. So let’s start. We will be using the same target Windows 10 system we used…

The big idea When a person is notified of a data breach involving their personal information, if they react with a feeling of fear – as opposed to anger – they’re more likely to stop using the site. That was the main finding of a study I conducted with three co-authors that examined which emotions lead customers to change their behavior after a breach. We found that angry customers, on the other hand, are more likely to vent on different social media platforms but then return to the breached site. We surveyed 208 U.S. consumers, ages 18 to 60, and asked them to describe their feelings after being informed of a data breach on their favorite and frequently used website. Subscription websites, such as Netflix and Xbox Live, and free-to-use…

Hello Hackercoolians, the makers of Kali Linux have released the second release of Kali Linux after they completed their 10 year anniversary. Here is everything new about this release. Hyper_V Image Kali Linux is available in various images for installation. Apart from VMware, VirtualBox and QEMU virtual images, now Kali Linux is available as an installer image for Microsoft Hyper-V. Desktop updates In the latest release of Kali, the makers added a nifty extension for the Xfce file manager, GtkHash. If you are using Xfce, you can easily calculate checksums of files by just right clicking on the fi le and then opening checksums tab. “My hacking involved pretty much exploring computer systems and obtaining access to the source code of telecommunication systems and computer operating systems, because my goal…

Threat Actors always search for ways to keep their payloads and malware FUD (Fully undetected). What if there was an engine that can keep your payloads FUD for a long time. In this issue, you are going to learn about one such malware obfuscation engine that is being used by various malware deployers since almost September 2022. Its name is BATCLOAK. Researchers at Trend Micro have recently observed heavily obfuscated BAT files consistently evading detection. They have also noticed that the recent iteration of BATcloak being used to deliver infamous malware families like Amadey, ASyncRAT, DarkCrystal RAT, Pure Miner, Quasar RAT, RedLine stealer, Remcos RAT, Smoke Loader, Venom RAT and Wazone RAT. What makes BAT-Cloak so special and effective. Let’s see. Image source: TrendMicro What is FUD? To the novices,…