A new hacker-for-hire group is targeting companies’ proprietary information, using a malicious 3Ds Max plugin to infect their systems. The security firm Bitdefender stated that the group was identified using malware hidden within malicious 3Ds Max plugins to breach companies’ databases.


Autodesk, a software giant, developed the 3D computer graphics application called “3Ds Max.” It is an application usually downloaded and used by architecture, gaming, software, and engineering companies.


On Aug. 10, Autodesk published a security alert about the malicious plugin, called “PhysXPluginMfx,” stating that it abused a scripting utility called MAXScript, which ships with the 3Ds Max software.

The security report warned that the PhysXPluginMfx plugin would activate the malicious MAXScript operations when loaded inside 3Ds Max. This could run malicious code, propagate to and infect other MAX files on Windows systems, and corrupt 3Ds Max settings.

PhysXPluginMfx can also help the malware spread to other users who received and opened the files. However, the malicious plugin’s real goal was to deploy a backdoor trojan that the attackers could use to scout infected computers for sensitive files, as Bitdefender explained after taking a closer look at the exploit.

Other security firms also reported the mercenary hackers’ attacks. The Romanian cybersecurity firm stated that it could identify the hacking group’s attacks against a video production and an international architectural company.

The companies are engaged in architectural projects with billion-dollar luxury real-estate developers across four continents. The investigation also revealed that the attackers used a malware command and control (C&C) server located in South Korea.

“When looking at our own telemetry, we found other samples that communicated with the same C&C server,” said Liviu Arsene, the Senior E-Threat Analyst at Bitdefender. “Which means that the group was not limited to only developing samples for the victim that we investigated,” added Arsene.

The malware samples also initiated connections to the C&C server from different countries, such as the United States, Japan, South Africa, and South Korea.




