6th June, 2018 By Ionut Arghire Security Week

 

Summary - A recently discovered remote access Trojan is using a specialized program library that allows operators to interact with the infected machines directly, without an initial “beacon” message, G Data reports. Dubbed SocketPlayer, the backdoor stands out because it doesn’t use the typical one-way communication system that most banking Trojans, backdoors, and keyloggers use. Instead, it employs the socket.io library, which enables real-time, bi-directional communication between applications.

 

Article Link - Read more

 

Glossary Blog Back to the Malware Manifesto