By Eduard Kovacs on November 13, 2017 A China-linked cyber espionage group that may have been active since as early as 2010 has developed a new piece of malware that it has used in highly targeted attacks launched over the past year.
The new malware, dubbed Reaver, was analyzed by researchers at Palo Alto Networks, who identified ten different samples representing three versions of the threat.
The final payload of the malware has been loaded using Windows Control Panel (CPL) files, which is highly uncommon – Palo Alto Networks said only 0.006% of the malware it has seen leverages this technique. A surge in CPL malware was observed in 2013 and 2014 in Brazil, where cybercriminals had been using it to deliver banking Trojans.
Full Article.
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.