Kaspersky discovered a malware that can decide how to infect victims



[ad_1]

The distribution of malware is done via spam emails containing attachments containing an infected executable file. When the file is opened, the executable is released. At this point, the Trojan decides what will infect the victim's PC. Malware checks for the existence of a "% AppData% Bitcoin" directory, which could indicate the existence of a Bitcoin wallet. According to researchers at Kaspersky Lab, this leads to the assumption that victims will pay to recover their files, so the Trojan crypt, which – theoretically – guarantees the attacker a quick profit In the Another scenario, criminals will attempt to "win" the victim's money without observing it, by setting up a mining program – provided that the PC has sufficient capacity for such actions that consume many resources.

It is interesting to note that the Trojan can completely ignore the infected device and not install any encryption or extraction program. The victim does not escape, unscathed, because the network worm will be launched – for example, the Trojan will try to distribute copies of all available computers on the victim's local network

"The fact that malware can decide how to infect the victims is another example that cyber criminals are trying to exploit at best: either directly by having them sing to get money (encryption program) by l & # 39; unauthorized use of resources (the mining program), either by extending the malware distribution chain, with the network worm, "says Orkhan Mamedov, malware analyst, Kaspersky Lab

[ad_2]
Source link