New SystemBC malware targets Windows PCs by evading detection

A new Windows malware is in play: SystemBC.


Finding and removing malware on your computer may be a joyous moment, but a new strain is more likely to give you a headache. To see why, take a closer look at SystemBC, a malware written in C++ that was discovered by researchers at Proofpoint and so named because the word is part of the URI path found in one of the malware's advertisements.

It installs a SOCKS5 proxy on infected Windows computers and uses it to connect to its command and control server, all the while obscuring its real IP address and bypassing firewalls without being detected.





“In the most recently tracked example, the Fallout exploit is used to download the Danabot banking Trojan and a SOCKS5 proxy which is used on the victim’s Windows system to evade firewall detection of command and control (C2) traffic,” the researchers said.


While every piece of malware can be lethal in itself, the real challenge for cyber-criminals is figuring out how to spread it. SystemBC has been doing this by packaging itself with two exploit kits, RIG and the Fallout Exploit Kit (EK). For the unacq ..
