Be Aware aside from Coyote Malware there is also Microsoft Sharepoint Attacks

[serjent05]

After I read a thread created by Yaunfitda titled :   Coyote malware stealing banking and crypto information  there is another vulnerabilities on Microsoft applications where attackers target Microsoft's SharePoint platform to exploit software vulnerabilities to gain unauthorized access to steal data stored in Microsoft SharePoint. More information about the Microsoft Sharepoint attack here: What we know about the Microsoft SharePoint attacks

Attack : Microsoft Sharepoint Vulnerabilities attack
Target: Steal Global users' information and important document data (password, banking account credentials, crypto information)
Perpetrators: China-backed state actors, Linen Typhoon and Violet Typhoon, participating in the initial attack wave.

This is another reason why one should not save their private information or important data especially seed phrases, bank account information and all other sensitive data, in online storage or any cloud shared environment.

[Yaunfitda]

^^ Cyber criminals are leveraging Microsoft collaborative platform or any of their services. It is supposedly secure and safe, but we all know that there's no such thing as safe in the online space, specially coming from Microsoft as they are the best target because almost 80% of all programs and platform revolves around their product. And in just one click, they can accessed everything from us including our crypto. And I do agree, we shouldn't save any of our crypto information in the cloud or anything online. We really should be aware of this kind of attacks that's why I wanted to share it in our community so we can stay away from it and not be the next victim.

[Porfirii]

We're not talking about malware that infects individual devices anymore. Microsoft Sharepoint is often used in corporations and governments to share sensitive information, so it seems that they have escalated in their ambitions.

You can hire or train in-house cybersecurity services, but the assiduity with which we read this type of news corroborate that, unfortunately, Yaunfitda is right when he says that there is no such thing as safe in the cyberspace.

[Dave1]

We're not talking about malware that infects individual devices anymore. Microsoft Sharepoint is often used in corporations and governments to share sensitive information, so it seems that they have escalated in their ambitions.

You can hire or train in-house cybersecurity services, but the assiduity with which we read this type of news corroborate that, unfortunately, Yaunfitda is right when he says that there is no such thing as safe in the cyberspace.

Even if they hire in-house cybersecurity or train some employee on how to handle it, not good enough as you have said. This criminals are bold in their attack nowadays, they won't directly go for the infrastructure.

But they will go and lure the employees with different tactics like getting their profile on the internet and they go and phished them with links that's why being in the IT world specially that deals with crypto, you will be a primary target already.

[Patikno]

After I read a thread created by Yaunfitda titled :   Coyote malware stealing banking and crypto information  there is another vulnerabilities on Microsoft applications where attackers target Microsoft's SharePoint platform to exploit software vulnerabilities to gain unauthorized access to steal data stored in Microsoft SharePoint. More information about the Microsoft Sharepoint attack here: What we know about the Microsoft SharePoint attacks

Attack : Microsoft Sharepoint Vulnerabilities attack
Target: Steal Global users' information and important document data (password, banking account credentials, crypto information)
Perpetrators: China-backed state actors, Linen Typhoon and Violet Typhoon, participating in the initial attack wave.

This is another reason why one should not save their private information or important data especially seed phrases, bank account information and all other sensitive data, in online storage or any cloud shared environment.

It appears Microsoft SharePoint is used by a company, as I have never personally seen anyone using it, and neither have I.

Based on the references you mentioned, I believe the exploiter exploited a vulnerability in the released incomplete patches. Given that the application is used by a company, this would be extremely dangerous for its users, as we know there is the potential for significant data theft. Fortunately, Microsoft has released comprehensive security updates for its users, preventing this potential threat.

In addition, they also stated that their users or customers should configure Antimalware Scan Interface integration after upgrades, rotate SharePoint server ASP.NET machine keys, and then restart Internet Information Services on all SharePoint servers. This is because the attack involved stealing machine keys, which could grant permissions or access to computer systems after patched. I think this is very important to note, especially for the users, Cmiiw.

[joniboini]

It appears Microsoft SharePoint is used by a company, as I have never personally seen anyone using it, and neither have I.

I think it's quite popular in a collaborative environment, like if you're an office worker, remote worker, etc. There's little to no reason for someone who works alone to use this, especially if they're not doing real-time editing/document sharing with their employer. CMIIW.

Anyway, the number of attacks targeting collaborative platforms seems to pop up in the news more often lately. Stuff like sharing malware on GitHub, tricking job hunters with malicious codes etc, happens quite often now.