top of page
Search
Writer's pictureStormsec

Attackers Profiting from Proxyware

The ASEC analysis team recently discovered malware strains installing proxyware without the user’s permission. Users whose systems are infected with the malware have their network bandwidth stolen by attackers to gain profit. The method of earning profit by using the infected system’s resources is similar to that of CoinMiner. This type of malware has been continuously around for a while.




ATT&CK IDS: T1543 - Create or Modify System Process, T1443 - Remotely Install Application, T1539 - Steal Web Session Cookie, T1528 - Steal Application Access Token, T1073 - DLL Side-Loading, T1007 - System Service Discovery


Read More:

2 views

コメント


コメント機能がオフになっています。
bottom of page