Close Menu
    Facebook LinkedIn YouTube Instagram X (Twitter)
    Blue Tech Wave Media
    Facebook LinkedIn YouTube Instagram X (Twitter)
    • Home
    • Leadership Alliance
    • Exclusives
    • Internet Governance
      • Regulation
      • Governance Bodies
      • Emerging Tech
    • IT Infrastructure
      • Networking
      • Cloud
      • Data Centres
    • Company Stories
      • Profiles
      • Startups
      • Tech Titans
      • Partner Content
    • Others
      • Fintech
        • Blockchain
        • Payments
        • Regulation
      • Tech Trends
        • AI
        • AR/VR
        • IoT
      • Video / Podcast
    Blue Tech Wave Media
    Home » Microsoft Defender’s security breach enables spread of dangerous malware
    Microsoft-725
    Microsoft-725
    Cloud

    Microsoft Defender’s security breach enables spread of dangerous malware

    By Zoey ZhuJuly 25, 2024No Comments2 Mins Read
    Share
    Facebook Twitter LinkedIn Pinterest Email
    • Cybercriminals are using a vulnerability in Microsoft Defender SmartScreen to deploy various types of malware, including ARC Stealer, Lumma, and Meduza.
    • The flaw, tracked as CVE-2024-21412, allows attackers to bypass Windows Defender’s protections, affecting users in Spain, Thailand, and the US.

    OUR TAKE
    The ongoing exploitation of the Microsoft Defender SmartScreen vulnerability highlights the persistent threat of cyber attacks targeting security weaknesses. The rapid deployment of sophisticated infostealers underscores the need for timely updates and vigilant security practices.

    — Zoey Zhu, BTW reporter

    What happened

    A critical vulnerability in Microsoft Defender SmartScreen, tracked as CVE-2024-21412, is being actively exploited by cybercriminals to spread malware. FortiGuard Labs has reported a new campaign targeting victims in Spain, Thailand, and the US with malware variants such as ARC Stealer, Lumma, and Meduza. This flaw enables attackers to bypass SmartScreen’s defenses, which are designed to protect users from online threats.

    The exploitation begins when victims click on a crafted link that downloads an LNK file, which in turn executes an HTML Application script. This vulnerability was first identified in mid-February 2024, with Trend Micro noting its abuse by the threat actor Water Hydra (DarkCasino) targeting crypto traders. Despite Microsoft releasing a patch for the flaw on February 13, 2024, it continues to be a target for cybercriminals.

    Also read: Microsoft launches fix for CrowdStrike-affected Windows PCs

    Also read: Open AI, Nvidia, Google and others form AI security alliance

    Why it’s important

    The ongoing exploitation of CVE-2024-21412 illustrates the growing sophistication and persistence of cyber threats, underscoring the critical need for timely and effective security measures. This vulnerability’s exploitation demonstrates how cybercriminals are adapting their strategies to bypass even advanced security features like Microsoft Defender SmartScreen. The use of infostealers such as ARC Stealer, Lumma, and Meduza reflects a shift towards more targeted attacks designed to extract sensitive information, including personal files, login credentials, and cryptocurrency data.

    This attack highlights the importance of regular software updates and the implementation of security patches to mitigate vulnerabilities before they can be exploited. The evolving nature of these threats calls for heightened vigilance from both individuals and organisations. Ensuring that security measures are up-to-date and that users are educated about potential risks are crucial steps in defending against such sophisticated cyber attacks. The incident also serves as a reminder of the need for continuous improvement in cybersecurity practices to safeguard against emerging threats.

    Cybersecurity Defender Microsoft
    Zoey Zhu
    • Instagram

    Zoey Zhu is a news reporter at Blue Tech Wave media specialised in tech trends. She got a Master degree from University College London. Send emails to z.zhu@btw.media.

    Related Posts

    Comsys (GH) Limited: West Africa’s enterprise network innovator

    July 9, 2025

    Groq expands to Europe with new Helsinki AI inference centre

    July 9, 2025

    Comcast moves more data with less energy used

    July 9, 2025
    Add A Comment
    Leave A Reply Cancel Reply

    CATEGORIES
    Archives
    • July 2025
    • June 2025
    • May 2025
    • April 2025
    • March 2025
    • February 2025
    • January 2025
    • December 2024
    • November 2024
    • October 2024
    • September 2024
    • August 2024
    • July 2024
    • June 2024
    • May 2024
    • April 2024
    • March 2024
    • February 2024
    • January 2024
    • December 2023
    • November 2023
    • October 2023
    • September 2023
    • August 2023
    • July 2023

    Blue Tech Wave (BTW.Media) is a future-facing tech media brand delivering sharp insights, trendspotting, and bold storytelling across digital, social, and video. We translate complexity into clarity—so you’re always ahead of the curve.

    BTW
    • About BTW
    • Contact Us
    • Join Our Team
    TERMS
    • Privacy Policy
    • Cookie Policy
    • Terms of Use
    Facebook X (Twitter) Instagram YouTube LinkedIn

    Type above and press Enter to search. Press Esc to cancel.