- Регистрация
- 17 Февраль 2018
- Сообщения
- 39 339
- Лучшие ответы
- 0
- Реакции
- 0
- Баллы
- 2 093
Offline
Nearly 1 million Windows devices were targeted in recent months by a sophisticated "malvertising" campaign that surreptitiously stole login credentials, cryptocurrency, and other sensitive information from infected machines, Microsoft said.
The campaign began in December, when the attackers, who remain unknown, seeded websites with links that downloaded ads from malicious servers. The links led targeted machines through several intermediary sites until finally arriving at repositories on Microsoft-owned Github, which hosted a raft of malicious files.
Chain of events
The malware was loaded in four stages, each of which acted as a building block for the next. Early stages collected device information, presumably to tailor configurations for the later ones. Later ones disabled malware detection apps and connected to command-and-control servers; affected devices remained infected even after being rebooted.
Read full article
Comments
The campaign began in December, when the attackers, who remain unknown, seeded websites with links that downloaded ads from malicious servers. The links led targeted machines through several intermediary sites until finally arriving at repositories on Microsoft-owned Github, which hosted a raft of malicious files.
Chain of events
The malware was loaded in four stages, each of which acted as a building block for the next. Early stages collected device information, presumably to tailor configurations for the later ones. Later ones disabled malware detection apps and connected to command-and-control servers; affected devices remained infected even after being rebooted.
Read full article
Comments
