Users should beware: a new threat is lurking in cyberspace, and if you're not careful, you too could become the victim of a serious cybersecurity attack. Before moving on to the actual threat, it helps to explain which feature hackers are using to infect computers. Windows 10 has a finger command, which is used to display information about a user's system on a remote machine. The feature may seem harmless at this point, but it has its fair share of problems as well.
Hackers are exploiting this feature to infect computers with malware. A recent report from Bleeping Computer, a website dedicated to sharing information on everything relevant to computer technology, says that the command can be used to download the MineBridge malware onto an unsuspecting user's device.
In addition, Kirk Sayre, a notable security researcher working at Bleeping Computer, has identified what he believes is a new phishing campaign conducted through the Windows 10 finger command. The campaign involves sending a job resume from a supposed candidate; when the victim clicks on the tab, it runs a macro that uses the finger command to download a disguised malware executable. Once downloaded, the downloader uses DLL hijacking to sideload the MineBridge malware.
It should be noted that this is not the first time the MineBridge malware has been found infecting computer systems. In early 2020, researchers found this same malware being used in phishing campaigns against financial services firms in the United States. Those campaigns took the same fraudulent job application approach.
Because the finger command is rarely used, it is very unlikely that the malware will be able to do a lot of damage, but one can never be too sure. Hence, it would be a viable option for administrators to block the command in order to prevent unauthorized third-party access.
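Because the command is so rarely used, every launch of finger.exe is worth reviewing before or alongside a block. The following sketch is an added example, not code from the report or from Bleeping Computer: it triages process-creation events and rates a finger.exe launch highest when it queries a remote host and descends from an Office application, as in the macro chain described above. The event field names (`pid`, `ppid`, `image`, `command_line`) and all sample events are constructed, and PID reuse is assumed not to occur within the batch.

```python
import re
from pathlib import PureWindowsPath

# Office applications that have no legitimate reason to start finger.exe
OFFICE = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
# finger syntax is "finger [-l] [user]@host"; an "@host" argument means a remote query
REMOTE = re.compile(r"\s\S*@(\S+)")

def name(path):
    return PureWindowsPath(path).name.lower()

def ancestors(event, by_pid):
    """Yield parent, grandparent, ... image names; stop on gaps or loops."""
    seen = {event["pid"]}
    ppid = event["ppid"]
    while ppid in by_pid and ppid not in seen:
        seen.add(ppid)
        parent = by_pid[ppid]
        yield name(parent["image"])
        ppid = parent["ppid"]

def find_finger_abuse(events):
    """Return one finding per finger.exe launch in a batch of process-creation events."""
    by_pid = {e["pid"]: e for e in events}
    findings = []
    for e in events:
        if name(e["image"]) != "finger.exe":
            continue
        remote = REMOTE.search(e["command_line"])
        office = next((a for a in ancestors(e, by_pid) if a in OFFICE), None)
        # high: Office-descended remote query; medium: any remote query; low: local lookup
        severity = "high" if remote and office else "medium" if remote else "low"
        findings.append({"pid": e["pid"], "severity": severity, "office_ancestor": office,
                         "host": remote.group(1) if remote else None})
    return findings

# Constructed sample events (hypothetical hosts and paths, not from any real incident)
SAMPLE = [
    {"pid": 100, "ppid": 1, "image": r"C:\Windows\explorer.exe", "command_line": "explorer.exe"},
    {"pid": 200, "ppid": 100, "image": r"C:\Program Files\Microsoft Office\WINWORD.EXE", "command_line": 'WINWORD.EXE "resume.doc"'},
    {"pid": 210, "ppid": 200, "image": r"C:\Windows\System32\cmd.exe", "command_line": "cmd.exe /c finger user@192.0.2.10"},
    {"pid": 211, "ppid": 210, "image": r"C:\Windows\System32\finger.exe", "command_line": "finger user@192.0.2.10"},
    {"pid": 300, "ppid": 100, "image": r"C:\Windows\System32\finger.exe", "command_line": "finger admin@host.example"},
    {"pid": 400, "ppid": 100, "image": r"C:\Windows\System32\finger.exe", "command_line": "finger -l localuser"},
]

if __name__ == "__main__":
    for finding in find_finger_abuse(SAMPLE):
        print(finding)
```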