"Hackers Target Chinese-Speaking Microsoft Users With 'RedDriver' Browser Hijacker"
According to cybersecurity researchers, hackers are targeting Chinese-speaking Microsoft users with a tool called RedDriver that enables them to intercept web browser traffic. The Cisco Talos team has identified multiple variants of the RedDriver tool, which they believe has been used since at least 2021. The creators of RedDriver appear to be skilled in driver development and have an in-depth understanding of the Windows operating system. Drivers enable an operating system to communicate with hardware components, such as printers and monitors. This threat appears to target native Chinese speakers, as it seeks to take over Chinese-language web browsers. RedDriver was not linked to a specific cyber threat group. According to the researchers, the attack begins with a malicious file named DNFClient, referencing the popular game Dungeon Fighter Online. Once the file is executed, it initiates the download of RedDriver, described as a critical element of a multi-stage infection chain that ultimately hijacks browser traffic and redirects it. This article continues to discuss hackers targeting Chinese-speaking Microsoft users with RedDriver.