Wardle wasn't able to completely dissect this piece of malware, so he's not quite sure what it does.

But he discovered that the server where it resides has been flagged as hosting a pirated copy of Cobalt Strike, a legitimate penetration-testing tool that criminals have cracked and repurposed for illicit means.

As Wardle noted, it's possible that this mysterious fake Google Update is actually a Cobalt Strike "beacon," a program that creates a hidden backdoor on a system for other Cobalt Strike users to find.

The other piece of malware masquerades as a Google Update application and is downloaded from a different server.