Brazilian-made bank trojan use spreading | SC Media

November 29, 2018
How the malware runs its course
- Social engineering as an entry point.
- Multiple redirections via URL shorteners and the usage of Dynamic DNS services.
- Payloads hosted on legitimate online storage services and CDNs (content delivery networks).
- Obfuscated PowerShell downloaders employing command-line logging evasion.
- Living off the land techniques that abuse Microsoft-signed binaries.
- Abusing trusted applications via DLL hijacking.
- Splitting the main payload into two or more components.