Monday October 08, 2012

Crooks Selling Web Proxy With Backdoors

You know that great deal you got on that paid proxy service? Symantec says you are getting some free backdoor action without even knowing it.

The dropper installs the payload as a service on the computer, copying the payload executable to the system and installing the rootkit. The rootkit attempts to protect the malicious payload and all other files associated with the threat to increase the threat's persistence. The rootkit implements a novel method to avoid device-stack file scanning. The payload itself is a DLL, which is executed when the computer starts and acts as a low-level proxy service that enters the compromised computer into a large botnet used for funneling traffic.
