Kbdus.dll is a library that will be loaded when the user uses the US keyboard layout (id 0x00000409). In fact, this file was compiled at the beginning of October 2019. The attacker also changed the time attribute of the kbdus.dll file to the time of the UnikeyNT.exe file so that people could easily deceive the user. In the case below, the file kbdus.dll (PE 32bit) containing malicious code has been inserted in the same directory as UnikeyNT.exe (version 4.0 RC2 Build 091101 NT). Also update the vulnerability patches for Windows. Therefore users should only download the official version of unikey from the website nor open strange files with strange paths. and use many techniques to trick users into running (exploit, phishing. Taking advantage of this, an attacker could create unikey installers using the official UnikeyNT.exe file but insert it in the same malicious directory. Unikey is Vietnamese typing software for Windows very popular in Vietnam. The CMD CMDD monitoring system detected malicious code that took advantage of Unikey software to attack Vietnamese users.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |