Automatically translated.View original post

NANOREMOTE malware aimed at attacking Windows users

NANOREMOTE malware aimed at attacking Windows users, accessing Google Drive, victim

The API or Application Programming Interface is a popular tool to help applications and systems work together seamlessly to the extent that they are used today. But by connecting, as mentioned, it has become a tool for hackers.

According to a report by the website, Cyberpress has mentioned the detection of a system back door or backdoor malware distribution campaign called NANOREMOTE by a research team from Elastic Security Labs, a cybersecurity expert organization, in October. The research team estimated that the malware was involved in spying campaigns like FINALDRAFT and REF7707. The malware's capabilities are called bad because it has a high level of command execution capabilities, data extraction capabilities, and, most importantly, the use of the Google Drive API to send malware files (payload). To embed the victim's system by converting Google Drive into a control server channel (C2 or Command and Control) to bypass local protection.

For embedded on the victim's machine, it starts with a loader called WMLOADER. The research team did not say what method the hacker used to trick the victim into opening the file. It only says that when inside the machine, the malware impersonates a process of cyberprotection software like Bitdefender called BDReinit.exe with a signature on the wrong file. After the malware embedded on the system, the malware reserved an Allocated Memory area to decryption and loaded Shellcode into memory to use. The AES-CBC algorithm to decode a malware file called wmsetup.log into memory again by running everything on this memory to complicate the detection system.

In the technical data section of this malware, NANOREMOTE is a malware written on the C + + language that has the ability to fully control endpoints and support 22 commands (Commands) for Reconnaissance, file management and folders on the victim's machine, other commands, to file traffic between the victim's machine and hackers. The latter has the use of a task manager with a traffic queuing system, traffic stops, traffic reactivations. (Resume) This file move system will be an OAuth 2.0 authentication. It joins the Google Drive / drive / v3 / files folder, allowing malware to use the victim's Google Drive at will.

The AES-CBC encryption system, in addition to being used to encrypt Payload files as mentioned above, is also used to encrypt communications between malware and C2 servers in HTTP Requests. It is a combination of Zlib compression, wired to IP numbers that are saved as constants.

In addition, the malware has the ability to stealth (Stealth) inside the system through the use of the libPeConv function to change the path (Maps) of PE type files within the memory to avoid being analyzed for loading such types of files. In addition, Microsoft's Detours Library is used to control (Hook) ExitProcess and FatalExit functions to prevent the process being successfully closed before running. Not only during operation, the malware also stores Log data that comes with GUID identification numbers and malware operation data within the Log folder.

The good news is that after Elastic Labs detected and analyzed the malware, the company successfully added this malware detection potential to its anti-malware products, making those who use the products of the company that updated the patch more secure from the malware.

# Welcome 2026 # Take care of yourself # Open budget # Includes IT matters # Windows

1/6 Edited to

... Read moreจากประสบการณ์ส่วนตัว ผมเคยได้ยินเรื่องการใช้ Google Drive เป็นช่องทางสื่อสารของมัลแวร์มาก่อน แต่ NANOREMOTE นั้นน่าสนใจเพราะมันใช้ Google Drive API ผ่านระบบยืนยันตัวตน OAuth 2.0 ทำให้มัลแวร์สามารถรับส่งไฟล์ผ่านไดรฟ์ของเหยื่อโดยไม่ถูกสงสัยง่าย ๆ นอกจากนี้ ตัว Loader ที่ชื่อ WMLOADER ยังปลอมตัวเป็น Process ของซอฟต์แวร์ความปลอดภัยอย่าง Bitdefender เพื่อหลบเลี่ยงการตรวจจับอีกด้วย การที่มัลแวร์ใช้การเข้ารหัส AES-CBC ทั้งกับไฟล์ Payload และการสื่อสารกับเซิร์ฟเวอร์ C2 ผ่าน HTTP Requests พร้อมการบีบอัดด้วย Zlib ช่วยให้การส่งข้อมูลดูเหมือนไม่มีพิรุธและทำให้ระบบป้องกันเดิมตรวจจับได้ยากขึ้น จากที่ผมได้ติดตามประเด็นนี้ทำให้เห็นว่าแฮกเกอร์มีการพัฒนาวิธีการที่ซับซ้อนขึ้นเรื่อย ๆ เพื่อหลบหลีกระบบตรวจจับและแทรกซึมเข้าสู่เครื่องเหยื่อโดยตรง ผู้ใช้ Windows จึงควรตระหนักถึงการอัปเดตแพตช์และซอฟต์แวร์ป้องกันไวรัสอย่างสม่ำเสมอ รวมถึงระมัดระวังการเปิดไฟล์หรือโปรแกรมที่ไม่รู้ที่มา เพราะ WMLOADER อาจถูกส่งมาผ่านอีเมลฟิชชิงหรือไฟล์แนบที่น่าฝันหรือไม่น่าเชื่อถือ นอกจากนี้ การควบคุมสิทธิ์การเข้าถึง Google Drive และตรวจสอบประวัติการใช้งานภายในบัญชีก็เป็นสิ่งสำคัญในการป้องกันการโจมตีในรูปแบบนี้ได้อย่างมีประสิทธิภาพ สุดท้ายนี้ การที่ Elastic Security Labs สามารถวิเคราะห์และเพิ่มความสามารถตรวจจับมัลแวร์ NANOREMOTE ลงในเครื่องมือของพวกเขาเป็นข่าวดีสำหรับวงการความปลอดภัยไซเบอร์ ผู้ใช้ควรอัปเดตเครื่องมือรักษาความปลอดภัยอย่างต่อเนื่องเพื่อป้องกันภัยคุกคามที่ซับซ้อนนี้และลดความเสี่ยงในการถูกโจมตีได้อย่างมาก

Related posts

Narcissistic relationship behaviors like weaponized incompetence and contempt are two very common relationship dynamics. It's important to highlight that even though weaponized incompetence is a very real and damaging behavior that creates valid emotions within the other partner - it is not okay
Mat & Ash

Mat & Ash

1617 likes

🌿 🤍 Bright Green Tea + Violet Vanilla Glow 🌿💜
Today’s layer is giving fresh, cozy, and lightly sweet without feeling heavy: Elizabeth Arden Green Tea Valentino Donna Born in Roma Green Stravaganza Solar Flare / Cheirosa 59-style mist This opens clean and bright with that spa-like green tea freshness, then Green Stravaganza adds a smoot
✨ Malware Noir ✨

✨ Malware Noir ✨

10 likes

Replying to @malwaredb my favorite eyeshadows from Moira 💗 I use the shade renegade so often and people literally stop me to ask where it’s from almost every time I wear it! #beauty #makeup #eyeshadow @moiracosmetics
aaliyah ✈️

aaliyah ✈️

0 likes

Prompts for creators
🌱 From Chaos to Calendar: Ready to move those organized tasks into Notion? Here are 3 simple steps to seamlessly integrate your to-dos into your existing system. Keep it low-friction & effective! Copy & paste your sorted tasks! 📅 #NotionTips #TaskManagement #DigitalOrganization #work
Bytes' Atelier

Bytes' Atelier

11 likes

A desk setup with a curved monitor displaying a pink grid wallpaper and pixel art juice boxes. An overlay on the screen reads "How to Make Your PC Run Faster – 5 Easy Tips!". A keyboard, laptop, and drink are on the desk, with a Lemon8 watermark.
A desk setup with a monitor displaying tips for a faster PC, including "Upgrade Your Storage & RAM," "Keep Your Drivers & OS Updated," and "Check for Malware & Viruses." An overlay highlights "Upgrade Your Storage & RAM and more!" with a Lemon8 watermark.
A desk setup with a monitor displaying instructions for "Disable Startup Programs" and "Clean Temporary Files." The screen shows steps like using Task Manager and deleting temporary files. A keyboard, laptop, and drink are on the desk, with a Lemon8 watermark.
⚡ How to Make Your PC Run Faster – 5 Easy Tips! 🖥️🔥
💡 1. Disable Startup Programs 🚀 Too many apps launching at startup slow down your PC! ✅ Open Task Manager (Ctrl + Shift + Esc) ✅ Go to the Startup tab ✅ Disable unnecessary apps to speed up boot time 💡 2. Clean Temporary Files 🗑️ Over time, junk files slow your system down. ✅ Press Win
skaeszun

skaeszun

284 likes

It's no secret that Karol G just slayed the #Grammys #Glambot . #AwardsSeason
user6854050772614

user6854050772614

11 likes

Check out this website that helps you when you’re feeling uninspired! I walk you thru the process of downloading the svg file to taking it to cricut design space! Happy crafting. #designinspo #creativeart #cricutprojects #svgfiles #CricutTips
VlunaWorks

VlunaWorks

48 likes

for the low energy days frfr
Some days I don’t need a 10-step productivity system. I need something gentle enough for a tired brain. Here are 3 AI prompts I use when I’m overwhelmed: 1. “Help me pick the 3 most important things I need to do today. Keep it realistic.” 2. “Turn this messy brain dump into a simple checkli
Bytes' Atelier

Bytes' Atelier

9 likes

Turn Jumbled Ideas into a Content Plan
A cozy creator prompt for sorting through messy thoughts when your brain feels too full to start. Use AI to organize what’s already in your head into clear themes, possible post ideas, and one simple place to begin. Perfect for overwhelmed creators who need a softer way to plan content without sta
Bytes' Atelier

Bytes' Atelier

6 likes

THURSDAY | 7 MAY 2026 | Cybersecurity Remote
The world is glitching, but we’re staying tuned. From the depths of the Atlantic to the edge of the atmosphere, here’s what’s hitting the desk today: 🌊 Undersea Intercept: A sophisticated tap on North Atlantic fiber cables is siphoning raw data. London to NYC latency is spiking. The physical
Cyber F.M.

Cyber F.M.

2 likes

A vibrant cover image featuring Anjali Viramgama amidst confetti, with the title "Top Cybersecurity Certificates." It highlights key certifications for advancing skills and knowledge in cybersecurity.
A card detailing the Certified Information Security Manager (CISM) certification. It explains CISM focuses on managing information security programs, covering risk management, governance, and incident response.
A card detailing the Certified Ethical Hacker (CEH) certification. It explains CEH focuses on ethical hacking and penetration testing, covering topics like network scanning, malware threats, and social engineering.
Top Cybersecurity Certificates
There are several reputable cybersecurity certifications that can help you advance your skills and knowledge in the field of cybersecurity. 1. Certified Information Systems Security Professional (CISSP): - CISSP is a globally recognized certification that covers a wide range of cybersecurit
anjali.gama

anjali.gama

111 likes

🚨 16 Billion passwords leaked - the largest breach ever 🚨 Here is how it happened and what you can do to be safe. #news #databreach #cybersecuritytips #onlinesafety
Cybersecurity Girl

Cybersecurity Girl

130 likes

Windows Tools - Part 1: Task Manager
💻 Windows Tools Every IT Professional Should Know 🩷 Part 1: Task Manager Task Manager is one of the first tools many IT professionals learn to use—and for good reason. Whether you’re troubleshooting a slow computer, investigating high resource usage, reviewing startup applications, monitorin
ITwDee

ITwDee

9 likes

Happy Pride 🌈 Smell Gay 💋
KST is a true fragrance artist! and my clients are addicted to the Banana Milk Coffee. They have told me it's the perfect summer coffee scent. Other clients like Gay Oppa and P*ssy Power more. And I know they plan on wearing them to pride events ⭐️Overall rating: 10/10 #bananaperfumes
✨ Malware Noir ✨

✨ Malware Noir ✨

1 like

You need TikTok ?
Here is how you can download TikTok if you need help with and apple phone just ask me I can help with Apple phone you need to change your region on the Apple Pay store
Ali

Ali

10 likes

Turn Your Perfume Into a Content Idea
A tiny creator prompt for turning your fragrance shelf into content inspiration. Pick one perfume, describe it, or upload a photo — then let AI help you turn the scent into a mood, story, and post idea. #AICreatorPrompt #PerfumeTok #ContentIdeas 📝 Prompt: “Use this perfume as inspir
Bytes' Atelier

Bytes' Atelier

6 likes

A white card titled "Card 1: AI-Powered Morning Routine Designer" on a wooden table, next to a steaming cup of tea, an open notebook, and a succulent. The card details a use case for designing a gentle, effective, and cozy morning routine using AI.
A white card titled "Card 2: Weekly Review & Reflection with AI Insights" on a wooden table, surrounded by a succulent, a notebook, and a "COZY" mug. The card describes a use case for conducting a reflective weekly review with AI to optimize workflow.
A white card titled "Card 3: Distraction-Free Focus Space AI Setup" on a wooden table, with a steaming cup, notebook, and pen. The card outlines a use case for creating a Notion focus mode for deep work, minimizing friction and maximizing flow.
🎨 Cozy Notion AI Prompt Pack: OS Lessons
Transform your Notion workspace with this cozy prompt pack! Learn how to use Notion AI with lessons from my personal operating system for gentle productivity and effortless organization. Perfect for beginners looking to integrate AI into their daily flow. #Notion #NotionAI #Productivity #
Bytes' Atelier

Bytes' Atelier

4 likes

A colorful Disney tattoo of Stitch from Lilo & Stitch on an arm, featuring a watercolor-style blue and purple splatter background. The character is depicted with a wide, happy grin and outstretched arms, showcasing a vibrant and playful design.
A Disney tattoo on an arm featuring Thumper from Bambi, sitting among purple and blue flowers and tall grass. The tattoo includes the text "Macushla R.I.P. Johnny" below the character, rendered in a traditional tattoo style.
A traditional-style Disney tattoo on a leg depicting Esmeralda from The Hunchback of Notre Dame. She is shown in a flowing purple dress, holding a large crescent moon or hoop, surrounded by golden stars. The text "From my flash! Tiny blast over" is visible.
🏰✨Disney Tattoos✨🏰
Did you know, I’m a HUGE Disney nerd! It’s always a treat whenever I get to do something based on Disney, small or big, flash or custom 🥰 Here’s just a small compilation of some of my favorites! #disney #disneytattoo #tattoo #tattooartist #traditionaltattoo
Malware 🔜 FC

Malware 🔜 FC

378 likes

😫 Wanting to quit your 9-5?
Becoming a Pinterest Manager might be for you! In less than a year, I went from earning $2K at my 9-5 to over $4K/month with Pinterest management alone. Now, with all the different skills and platforms I lesrned, I make anywhere from $12-15K A MONTH! Back then, I knew I had to do something
Bria | Social, Design, & AI

Bria | Social, Design, & AI

485 likes

A hand holds a pink iPhone with text 'Tech 101 For Beginners' and 'Tips to help Non-Tech Savvy Users,' accompanied by laptop and phone app icons, against a brick background.
A pink iPhone in its box, illustrating the tip to 'Keep Your Devices Updated' with text explaining why updates help and advising to enable automatic updates.
An iPhone screen displaying app icons and display settings, accompanying the tip to 'Use Strong, Unique Passwords' with reasons why and advice on using combinations and password managers.
Tech Hacks For Beginners 📲💻😬
I have some great tips for non-tech savvy tech users. I know these tips will help you learn your tech more quickly and effectively. 1. Keep Your Devices Updated Why It Helps: Updates often contain security patches and improvements that help your device run smoothly. Tip: Enable automatic updat
Joy 📚

Joy 📚

283 likes

How my perfume prompt started
This is my process most day. 🗒️ 💅🏼 A picture of what I have and or want to wear. Then using ai to make sure it will work. ⚡️ 💕 And of course, putting it on!! 🤖Asking Ai to help make the photo better, then posting. #promptschatgpt #aipromptsforcreators #perfumetips #emergingcreator
Bytes' Atelier

Bytes' Atelier

1 like

☕️ messy notes ??
Turn your chaotic brainstorming into clear, actionable steps! This prompt helps you organize thoughts and find a gentle path forward. Copy & paste your brain dump and let AI do the heavy lifting #AIPrompts #NotionAI #OrganizedThoughts #aipromptsforbusiness
Bytes' Atelier

Bytes' Atelier

6 likes

Tiny AI tip I use when a project starts feeling messy:
Changing topics? Change chats. Context windows fill up like a cup. After a while, your AI may still remember pieces of the old conversation, but the chat can get crowded with too many directions, drafts, and side quests. Before I switch topics, I ask: “Summarize the useful context from thi
Bytes' Atelier

Bytes' Atelier

2 likes

needed to relax 🙂‍↕️
#emergingcreator Bourbon Vanilla + Burberry Goddess is a very natural match. Bourbon Vanilla body cream will make Goddess feel warmer, sweeter, and more plush. Goddess already has that vanilla-lavender profile, so the cream turns it into a softer vanilla cashmere blanket scent. Best way to we
✨ Malware Noir ✨

✨ Malware Noir ✨

5 likes

How to Make a Dyson Sphere in Sandboxels
#dysonsphere #science #sciencegames #gaming #pixelart
R74n

R74n

7 likes

Reusable AI Prompts for Dashboards, Databases...
Notion Skills Prompt Pack for turning your ideas into reusable Notion AI workflows. Includes 5 prompt cards for dashboards, databases, workflows, projects, and content planning. Save each prompt as a Notion page, mark it as a Skill, and reuse it whenever you need a simple system. #aiprompts #ai
Bytes' Atelier

Bytes' Atelier

10 likes

love these 💋
have you tried kst? #perfumerecommendations #pride🌈 #perfumecollection
✨ Malware Noir ✨

✨ Malware Noir ✨

7 likes

A black journal featuring a white drawing of Jack Skellington's face and stars, held by a hand.
A journal spread featuring handwritten lyrics for "Sally's Song" from The Nightmare Before Christmas, adorned with various character stickers from the movie.
A journal spread with religious quotes and Bible verses about hope, rejoice, and faith, decorated with cross stickers and floral designs.
Journal Spreads ive done recently
okay its been a few months but so far i did great with all the stickers i love buyings stickers now as a comfort thing idk how to say it ig? but overall my journal spreads look so good so far i hope yall like it js as much as i do<3 anywho im waiting for an upcoming concert to add i cant wait to
mal<3

mal<3

165 likes

Ai Prompt to start the day.
It's hump day, I have been working on two sprints(projects). I need to remember where I left off yesterday. I simply ask my agent where we left off and where to pick up. That is it. #aiprompt #aipromptsforcreators #aiprompts #agents
Bytes' Atelier

Bytes' Atelier

5 likes

You Don’t Need an AI Agent Yet
Before you build something complex, fix the workflow underneath it. Better structure, cleaner prompts, and thoughtful automation usually move faster than “agentic” magic. If you don’t know where to start, we can help. We help CEOs everyday find a starting point. #AIWorkflows #AutomationTi
Bytes' Atelier

Bytes' Atelier

2 likes

my robot 🤖
I made a book about this robot and his life. My son did the rough drawings and we used AI to animate it. I call them botanibots #animation #ai #digitalart
Bytes' Atelier

Bytes' Atelier

2 likes

When Your Posts Stop Moving, Ask AI This
Tiny creator prompt for when your posts stop moving: Instead of assuming everything is failing, ask AI to look for patterns. Sometimes the answer is not “change everything.” Sometimes it is: * make the hook clearer * show the outcome sooner * use a more specific example * go back to the post
Bytes' Atelier

Bytes' Atelier

3 likes

📍USB Write Protected? Fix It Instantly
Seeing “The disk is write-protected” error on your USB drive? This quick guide shows how to remove write protection and regain full access to your files. Learn how to check the physical lock switch, use DiskPart commands, repair file system errors, and fix registry issues step by step. Many cases a
XanthusTechCore

XanthusTechCore

5 likes

winter goddess combo!
starting off with @TheTipsyGoatSoapCompany toasted marshmallow, this brings the fluffy and toasted scents. next is @Lattafa Perfumes Angham to bring you into the soft life. key notes are praline, lavender and vanilla. then we add @Ellis Brooklyn Apres to the clothes for the Christmas tree vibe.
✨ Malware Noir ✨

✨ Malware Noir ✨

1 like

Here’s What Happened when I
I gave it a vibe, showed it my perfume options, and AI picked the winner.🏅 I asked AI to build my scent of the day based on the vibe I wanted. I took pictures of a few perfumes I thought might fit, then asked AI to choose the best match. Honestly, I love using AI like this — not just to o
Bytes' Atelier

Bytes' Atelier

5 likes

Elite Hacker Destroyed His Empire By Forgetting On
Bro, I really forgot to use a VPN 💀 #hacker #cybercrime #fail #tech #arrestedstupidly
arrestedstupidly

arrestedstupidly

1 like

The Podcast Invite Scheme! Always remember - it’s not your fault ♥️ this happens to so many people. Most importantly: STAY SUSPICIOUS OF EVERYTHING 🥰💕 #podcastinvite #podcast #creator #storytime #scheme
Chloe

Chloe

70 likes

A creative prompt image showing a perfume bottle, notebook, and flowers. Text reads 'Creator Prompt: One Perfume = 3 Caption Ideas,' explaining how to use AI to generate mood, story, and educational captions from a favorite scent.
Your perfume shelf can be a content bank.
Pick one favorite scent and describe the bottle, mood, notes, or memory behind it. Then ask AI to turn it into: ✨ 1 mood caption ✨ 1 story caption ✨ 1 educational caption A tiny creator prompt for making content feel more personal, aesthetic, and easy to start. Save this for the next tim
Bytes' Atelier

Bytes' Atelier

4 likes

If you’re staring at Cricut Design Space with zero ideas this is for you! This free SVG website is perfect when you need inspiration fast. Save & share with your crafty bestie 💖 #designinspo #creativeart #DesignProcess #cricutprojects #CricutTutorial
VlunaWorks

VlunaWorks

2 likes

😋
If you want to smell like a sexy milk maiden, this is for you. 💕 idk what happened to my audio
✨ Malware Noir ✨

✨ Malware Noir ✨

1 like

art
random drawing I did last night #art
Bytes' Atelier

Bytes' Atelier

1 like

The image shows a computer monitor displaying a Disk Management interface, highlighting a hard drive labeled as 'Disk 1 Unknown Not Initialized'. The title asks, 'Disk Shows 'Unknown Partition'? Troubleshooting & Recover Data,' indicating the article's focus on resolving this common issue.
This image outlines the first three of '6 Proven Fixes' for an unknown partition. These include removing malware or viruses, checking and fixing file system errors using `chkdsk`, and fixing the bootloader in dual-boot systems with `bootrec` commands in the Windows Recovery Environment.
This image presents the remaining three of '6 Proven Fixes' for an unknown partition. It details rebuilding a corrupted partition table using `diskpart`, checking and replacing faulty hardware like SATA/USB cables, and fixing improper disk conversions by matching BIOS boot mode to the disk format.
💽PC Shows Unknown Partition? Let's Troubleshooting
Is your hard drive showing as an “Unknown Partition” in Disk Management? Don’t format it yet. This issue is often caused by corrupted partition tables, file system damage, or accidental partition loss. This guide shows how to recover files from an unknown partition safely, repair partition issues,
XanthusTechCore

XanthusTechCore

0 likes

This is the newest way people are getting hacked and if you use AI to answer your questions and give you advice, you need to watch this.Thanks to Huntress for reporting this Follow for more
Cybersecurity Girl

Cybersecurity Girl

15 likes

See more