
TeamViewer is a popular remote control and desktop sharing application with more than 1 billion users, which makes it a lucrative target for cybercriminals. Recently, IT security researchers at Trend Micro uncovered a malware campaign targeting unsuspecting users with a malicious version of TeamViewer.

Note: It is worth mentioning that the official website of TeamViewer has not been compromised and downloads from it are safe and secure.

It all started on January 20th, when a security researcher going by the Twitter handle FewAtoms detected a malicious URL containing an open directory that led visitors to a malicious self-extracting archive (SFX/SEA). The URL as shared in the tweet:

hxxp://rosalos.ug/xxx/ #MalwareMustDie #Malware #InfoSec #CyberSecurity #OpenDir

Trend Micro researchers analyzed the archive and discovered trojan spyware disguised as TeamViewer that collects and steals user data.

Further digging into the archive revealed that, once executed, the malware also gathers device-related data and sends it to a command-and-control (C&C) domain (hxxp://intersys32com). The data includes the username, computer name, operating system, OS architecture, RAM size, whether an anti-virus solution is installed on the system, and administrator privilege.

The researchers also discovered several other pieces of malware linked to the C&C URL, including CoinSteal and Fareit.
