By Eduard Kovacs on April 12, 2016
Researchers at Dell SecureWorks and Palo Alto Networks have teamed up to analyze the Ramdo click-fraud malware, a threat that has been infecting computers around the world since late 2013.
Ramdo, also known as Redyms, helps cybercriminals make a profit by silently clicking on online ads from infected systems. The malware is also capable of downloading and installing additional malicious software on infected devices.
Once it infects a computer — primarily by leveraging exploit kits such as Angler, RIG and Magnitude — Ramdo checks for the presence of sandboxes and virtual machines, which could indicate that the threat is being analyzed by researchers. If these types of applications are not detected, the malware creates a new Windows process and injects a malicious DLL into it.