New evidence has found hackers gaining credentials through Safe Mode…
A new credential stealing method has hit the streets. A hacker now has the ability to place a false log in screen on your computer during a reboot in Safe Mode. This log in screen simply requests your credentials, and once you put them in the hacker has them! The screen used is able to be deployed in various Windows OS, including Windows 10.
At this time, Microsoft does not have intentions to fix this issue. The reason being, the hacker has to already have access to the computer before gaining the ability to insert the false log in screen.
Specific vulnerabilities or attack methods that lead to the initial breach of your PC’s security were not specified. This is because, this isn’t a “one-size fits all” kind of approach. The way the hackers gain access to your endpoint may vary, based upon the targeted user themselves. Once the hacker has access, they can require a reboot and insert the fake log in screen to obtain credentials.
The biggest take away here, is ensuring your operating system and applications are updated. This will avoid any vulnerabilities which hackers can exploit to gain initial access to your PC. Also, be sure to run a security scan at least once a week to remediate any malware found on your computer. Lastly, think before you click!!
Source: http://www.theregister.co.uk/2016/09/16/remote_hacker_nabs_win10_logins_in_wontfix_safe_mode_attack/
