Beware: Fake SonicWall VPN App Steals Your Credentials in SilentRoute Scam!
Unknown threat actors are using a trojanized version of SonicWall’s NetExtender to steal credentials, sneakily making users think they’re getting genuine VPN software. Dubbed SilentRoute, this malicious software is distributed via fake websites, tricking users into downloading it. It’s a classic case of “you got what you didn’t pay for.”
Hot Take:
Who knew that downloading a VPN could lead to downloading a Very Pesky Nuisance? It’s a bad day for SonicWall users who got more than they bargained for, thanks to some sneaky cybercriminals. If only there was a VPN to protect us from shady VPNs!
Key Points:
- Trojans have been disguised as SonicWall’s SSL VPN NetExtender application to steal user credentials.
- The malicious software, dubbed SilentRoute, involves modified components like “NeService.exe” and “NetExtender.exe”.
- Fake website distributing the malware has been taken down, but not before it tricked users searching for NetExtender.
- Attackers used techniques like SEO poisoning and spear-phishing to spread the fake application.
- Another threat, EvilConwi, exploits ConnectWise signatures to mask malicious activities as legitimate processes.
Already a member? Log in here