The malware persists on the system, periodically contacting its command-and-control server to download and carry out further malicious activity.
Recently, Indian software company Conceptworld fell victim to a supply chain attack that affected three of its most popular products: Notezilla, RecentX, and Copywhiz. According to cybersecurity firm Rapid7, malicious actors trojanized the installers so that they also installed information-stealing malware. The compromised installers were discovered on June 18, 2024, and Conceptworld addressed the problem immediately, resolving it within 12 hours.
The trojanized installers were designed to deliver malware capable of stealing sensitive information from infected Windows computers. This includes collecting browser credentials, cryptocurrency, and wallet information, logging keystrokes, and capturing clipboard contents. Additionally, the malware persists on the system, periodically contacting its command-and-control server to download and carry out further malicious activity. Rapid7 noted that affected installers can be identified by their large file sizes and lack of digital signatures, which distinguish them from authentic versions. Users who downloaded Notezilla, RecentX, or Copywhiz installers in June 2024 are advised to scan their systems for signs of compromise and to consider re-imaging affected devices to mitigate potential risks, since how the breach occurred remains unclear.
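The two indicators Rapid7 describes (no digital signature, unusual file size) can be checked offline on saved installers. The following is an added example, not code from Rapid7 or Conceptworld: it reads the PE certificate-table entry to see whether a file carries an embedded Authenticode signature and reports its size for comparison with a fresh vendor download. It assumes the product name appears in the installer file name, and the sample PE bytes are constructed.

```python
import struct
from pathlib import Path

SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: the Authenticode certificate table
PRODUCTS = ("notezilla", "recentx", "copywhiz")  # assumed to appear in installer file names

def has_embedded_signature(data: bytes) -> bool:
    """True if the PE certificate table entry is populated and lies inside the file."""
    try:
        if data[:2] != b"MZ":
            raise ValueError("no MZ header")
        (pe_off,) = struct.unpack_from("<I", data, 0x3C)    # e_lfanew
        if data[pe_off:pe_off + 4] != b"PE\0\0":
            raise ValueError("no PE signature")
        opt = pe_off + 24                                    # skip signature + COFF header
        (magic,) = struct.unpack_from("<H", data, opt)
        if magic not in (0x10B, 0x20B):
            raise ValueError("unknown optional header magic")
        count_off = opt + (92 if magic == 0x10B else 108)    # PE32 vs PE32+
        (count,) = struct.unpack_from("<I", data, count_off)
        if count <= SECURITY_DIR:
            return False
        off, size = struct.unpack_from("<II", data, count_off + 4 + 8 * SECURITY_DIR)
    except struct.error as exc:
        raise ValueError("truncated PE header") from exc
    return off != 0 and size != 0 and off + size <= len(data)

def triage(folder):
    """Return (name, size_bytes, has_signature) for matching .exe files in folder."""
    rows = []
    for path in sorted(Path(folder).glob("*.exe")):
        if any(p in path.name.lower() for p in PRODUCTS):
            data = path.read_bytes()
            rows.append((path.name, len(data), has_embedded_signature(data)))
    return rows

def constructed_pe(signed: bool) -> bytes:
    """Constructed minimal PE32+ header for the demo; not a real installer."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)        # e_lfanew = 64
    coff = b"PE\0\0" + b"\0" * 20
    opt = struct.pack("<H", 0x20B) + b"\0" * 106 + struct.pack("<I", 16)
    dirs = bytearray(16 * 8)
    body_off = 64 + len(coff) + len(opt) + len(dirs)
    if signed:
        struct.pack_into("<II", dirs, 8 * SECURITY_DIR, body_off, 8)
    return dos + coff + opt + bytes(dirs) + (b"\0" * 8 if signed else b"")

if __name__ == "__main__":
    for label, flag in (("signed", True), ("unsigned", False)):
        print(label, has_embedded_signature(constructed_pe(flag)))
```

A populated certificate table only shows that a signature is present; validate it on Windows with `Get-AuthenticodeSignature` before trusting the file.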
This case highlights the ongoing risk of supply chain attacks and underscores the importance of vigilance and prompt response in preventing such malicious acts.