AdKoob information thief targets Facebook ad purchase info
https://updatesinfosec.blogspot.com/2018/08/adkoob-information-thief-targets.html
In Summary:
At Sophos, we are continuously on the lookout for new threats. One of the systems which helps us in sifting through the daily volume of fresh malware is our sandbox environment, which gives us the ability to analyze the malware’s dynamic (runtime) behaviour.
Recently, we identified a suspicious executable which showed intriguing behaviour in our sandbox. The executable injected code into a legitimate Windows binary (svchost.exe), and the injected code triggered one of our memory detections which aims to identify information stealing malware. The injected process ended abruptly and displayed an error message which didn’t make any sense relative to the type of code which the process contained: “The configuration file is missing. Re-installing Easy Backup may fix this problem”. [...]
Kindly refer to the following link as a follow-up:
https://ift.tt/2vMK9uF
