MalHide

  • 13 June 2018

28th May, 2018  By Pierluigi Paganini Security Affairs

Summary: The cybersecurity expert Marco Ramilli analyzed a new sample of malware dubbed MalHide that implements a quite new attack path to use the compromised system as an eMail relay in order to hide the attacker networks.

I believe this is a quite interesting Malware because it firstly implements several obfuscation stages by using different obfuscation techniques and secondly it implements a quite new attack path (not new per se but new on opportunistic malware families) where the attacker doesn’t want to steal information and/or compromise a system for possession and/or destruction but the attacker uses the compromised system as an eMail relay in order to hide the attacker networks. It is amazing to figure out that attackers are primarily moving in the fraud direction. For example, having successful privileged access on the victim machine, the attacker might decide to perform several malicious actions, but among all the choices, he decides to spawn an SMTP relay to anonymously send fraud emails.

 