Jump to content

This Windows malware turns your PC into a hacker’s punching bag

sincity

By sincity
in Technology

 Share

Recommended Posts

sincity Rookie

sincity

Posted
Posted

Being online just got a tad riskier, for the umpteenth time, thanks to the emergence of a nasty sounding piece of new malware that stealthily avoid detections.

Mylobot, discovered in the wild by Tom Nipravsky, a security researcher at Deep Instinct, is apparently building up a complex botnet, infecting Windows PCs and employs several measures to avoid detection.

The malware can be primed to deliver any number of different payloads, so it could install ransomware or a Trojan, pilfer data, recruit the machine to add firepower to a future DDoS attack – a whole host of unpleasant possibilities are at the malware author’s fingertips.

As for its detection evasion techniques, these include anti-sandboxing routines, disguising its inner workings via encryption, and using a reflective EXE – meaning it executes directly from memory rather than disk, making spotting it harder.

The malware lies dormant for two weeks, doing nothing and keeping a very low profile before finally searching out its command and control server. Stealth is at a premium here, for sure.

Botnet bashing

Interestingly, once active, Mylobot even searches for other botnets on the host PC, and attempts to stop their processes and remove them, effectively barging any competing malware out of the way.

It also shuts down Windows Defender and Windows Update to help make sure it can carry out its nefarious work (whatever that may be) without interruption.

All of which, in short, means this is a highly sophisticated and thus dangerous little beast.

Where did it come from? The origin of the malware remains unknown, as does the intentions of the author, but apparently there is some possible connection to Locky, a famous piece of ransomware, as well as other strains of the latter.

ZDNet reports that Nipravsky observed: “We haven't found any indication about who the author is, but based on the code, this is someone who knows what they're doing.”

Right now, the good news is that Mylobot is far from widespread, although that picture could easily change if the operation behind spreading the botnet is ramped up. And presumably that’s the eventual intention.

1JEyQ_4LGVI

View the full article

  • Thanks 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

About Us

We are glad you decided to stop by our website and servers. At Fearless Assassins Gaming Community (=F|A=) we strive to bring you the best gaming experience possible. With helpful admins, custom maps and good server regulars your gaming experience should be grand! We love to have fun by playing online games especially W:ET, Call of Duty Series, Counter Strike: Series, Minecraft, Insurgency, DOI, Sandstorm, RUST, Team Fortress Series & Battlefield Series and if you like to do same then join us! Here, you can make worldwide friends while enjoying the game. Anyone from any race and country speaking any language can join our Discord and gaming servers. We have clan members from US, Canada, Europe, Sri Lanka, India, Japan, Australia, Brazil, UK, Austria, Poland, Finland, Turkey, Russia, Germany and many other countries. It doesn't matter how much good you are in the game or how much good English you speak. We believe in making new friends from all over the world. If you want to have fun and want to make new friends join up our gaming servers and our VoIP servers any day and at any time. At =F|A= we are all players first and then admins when someone needs our help or support on server.

Player Gaming Stats for =F|A= Servers.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept