The Rombertik malware strain takes extraordinary measures to stop the analysis of its core functions and abilities, security researchers have discovered.
Security experts need to be able to capture and scrutinize samples of new malware entering the threat landscape in order to improve the security products and antivirus software offered by cybersecurity companies. In response, threat actors are making researchers' lives more difficult through anti-detection and anti-analysis techniques, such as wiping malware trails or systems altogether.
Ben Baker and Alex Chiu from Cisco Systems' Talos Group said in a blog post Monday that a new strain of spyware, dubbed Rombertik, is a complex system complete with "multiple layers of obfuscation and anti-analysis functionality" which highlights this growing trend.
Rombertik is spyware designed to collect data on everything a victim does online, doing so in an indiscriminate manner rather than focusing on areas such as Internet banking or social media accounts. After being loaded into a system via a phishing campaign and malicious email attachments, Rombertik runs a series of anti-analysis checks, such as checking to see if it is running within a sandbox.