Such a vulnerability stems from impacted devices' use of a Platform Key generated by American Megatrends International and tagged "DO NOT TRUST", which the vendors should have replaced, according to a report from the Binarly Research Team.
Information exposed by the hacking incident revealed not only all devices infected with Spytech spyware, most of which were Windows PCs, but also their unencrypted activity logs.
Intrusions involved the use of the domain crowdstrike-office365[.]com to lure users into downloading a recovery tool that purportedly addresses update-related boot loop issues but instead delivers a malware loader.
Stargazer Goblin used such GitHub Ghost accounts to establish the legitimacy of hundreds of repositories touted to be for social media, gaming, and cryptocurrency, according to a Check Point Research report.
Intrusions conducted by PatchWork commenced with the distribution of a malicious LNK file enabling the download of a fraudulent PDF to conceal compromise with Brute Ratel C4 and PGoShell malware.