{"id":166152,"date":"2024-07-25T10:20:55","date_gmt":"2024-07-25T10:20:55","guid":{"rendered":"https:\/\/securityaffairs.com\/?p=166152"},"modified":"2024-07-25T10:20:57","modified_gmt":"2024-07-25T10:20:57","slug":"cve-2024-21412-flaw-info-stealers","status":"publish","type":"post","link":"https:\/\/securityaffairs.com\/166152\/security\/cve-2024-21412-flaw-info-stealers.html","title":{"rendered":"Hackers exploit Microsoft Defender SmartScreen bug CVE-2024-21412 to deliver ACR, Lumma, and Meduza Stealers"},"content":{"rendered":"

The CVE-2024-21412 flaw in the Microsoft Defender SmartScreen has been exploited to deliver information stealers such as ACR Stealer, Lumma, and Meduza.

Fortinet FortiGuard Labs researchers observed a malware campaign exploiting the vulnerability CVE-2024-21412 (CVSS score: 8.1) to spread information stealers such as ACR Stealer, Lumma, and Meduza.

CVE-2024-21412 is an Internet Shortcut Files Security Feature Bypass Vulnerability.

The flaw resides in Microsoft Windows SmartScreen and is caused by improper handling of maliciously crafted files. An unauthenticated attacker can trigger the flaw by sending the victim a specially crafted file that is designed to bypass displayed security checks. The attacker has to trick the victim into clicking the file link. The flaw was reported by: