6th June, 2018 By Ionut Arghire Security Week
Summary - A recently discovered remote access Trojan is using a specialized program library that allows operators to interact with the infected machines directly, without an initial “beacon” message, G Data reports. Dubbed SocketPlayer, the backdoor stands out because it doesn’t use the typical one-way communication system that most banking Trojans, backdoors, and keyloggers use. Instead, it employs the socket.io library, which enables real-time, bi-directional communication between applications.
Article Link - Read more
Glossary Blog Back to the Malware Manifesto