One of the main goals of a cybercriminal is to gain total control over a victim’s machine. This is currently done through the use of RATs (remote admin tools) and other methods. The infected computers are used by cybercriminals for all sorts of malicious activity.
It’s no different with Brazilian cybercriminals - they have the same intent, but due to their culture of immediacy their efforts are often focused on creating Trojan bankers, rather than botnets, RATs or other methods of remote control. But this behavior is slowly changing - a recent attack shows they are ready to create a network of local infected machines and take total control of it, stealing personal data and using the infected machines to send spam. They are doing all this in a very creative way: registering a remote user account called ‘Remo’ which is password-protected. Through this account the cybercriminals have total access and control over the infected machine.
The attack starts with an e-mail posing as an alleged update for Flash Player. The downloader will actually install the legitimate Flash Player, but will also download another file that appears in the image below as “ajuda.txt”:
nod32 serial nod32 güncel keyleri nod32 keyleri güncel güncel nod32 keyleri
Hiç yorum yok:
Yorum Gönder