Peaches
Posted October 29, 2010

Oct 26

The Malicious Intent of the "Here You Have" Mail Worm

The "Here You Have" Payload: A Powerful Backdoor

Not all backdoor applications are created equal. As such, it can be said that the cybercriminals behind WORM_MEYLE.B deliberately opted to use a BIFROSE backdoor program for several reasons.

In our simulated environment, we saw that an attacker can use a BIFROSE variant to transfer files to and from an infected system, delete files, terminate processes, and steal sensitive information off an infected system such as the computer's name; lists of active users, processes, and windows; and serial keys, among others. It can also access and modify registry information, log and retrieve keystrokes, create a remote shell, issue commands that the infected user's shell can offer, and routinely capture and retrieve images of an affected user's screen.

Details & screenshots plus Part I & Part II - http://blog.trendmic...il-worm-part-2/