November 23, 2015 By Pierluigi Paganini
Security researchers at Damballa Willis McDonald and Loucif Kharouni have conducted a deep analysis of the Destover malware used in the Sony Pictures attack.
Security researchers at Damballa Willis McDonald and Loucif Kharouni have conducted a deep analysis of the wiper used by threat actors in the Sony Pictures hack. The experts discovered that attackers used a highly sophisticated disk-cleaning code dubbed Destover malware that stayed hidden using newly-uncovered anti-forensics tools.
The experts noticed significant improvements in the variant of Destover malware that was used to erased data across systems at Sony Pictures in November. In December security experts at Kaspersky Lab have detected a strain of Destover Malware that has been digitally signed with the certificates stolen during Sony attack.
Full Article