Smokey's Security Forums

Topic: WikiLeaks Vault 7: CIA's "Pandemic" Tool Replaces Files with Malware

Gilbert (Topic starter, Updates Moderator)

WikiLeaks Vault 7: CIA's "Pandemic" Tool Replaces Files with Malware
2 June 2017, 2:18 pm

WikiLeaks has released a new set of documents from its Vault 7 series, this time detailing a tool that the CIA allegedly uses to spread malware on a targeted organization's network. 

Appropriately called "Pandemic," the tool can install a file system filter driver on a network, replacing legitimate files with a malicious payload when they are accessed remotely via the Server Message Block (SMB) protocol.

"Pandemic does NOT//NOT make any physical changes to the targeted file on disk. The targeted file on the system Pandemic is installed on remains unchanged. Users that are targeted by Pandemic, and use SMB to download the targeted file, will receive the 'replacement' file," reads the tool's description. 

This makes this tool a rather interesting one to have since it is particularly difficult to identify infected systems. Since Pandemic replaces files while in transit, instead of modifying them on the device the malware is running on, the legitimate files remain unch... (read more)

Source: Softpedia News / Security
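
A defensive check that follows from the behaviour described above, as an added example that is not part of the original post or the Softpedia article: hash the shared files as read from the server's local disk, hash the same files as a client receives them over SMB, and report any file whose two views differ. The function names and the sample files are hypothetical, and the check assumes, as the quoted description states, that the on-disk file stays unchanged while the SMB download is what gets replaced.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256_file(path, chunk=1 << 20):
    """Stream a file through SHA-256 so large binaries are not loaded whole."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def build_manifest(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}

def compare_manifests(on_disk, via_smb):
    """Return (path, finding) pairs where the two views of the share disagree."""
    findings = []
    for rel in sorted(set(on_disk) | set(via_smb)):
        local, remote = on_disk.get(rel), via_smb.get(rel)
        if local is None:
            findings.append((rel, "only-via-smb"))
        elif remote is None:
            findings.append((rel, "only-on-disk"))
        elif local != remote:
            findings.append((rel, "content-differs"))
    return findings

def demo():
    """Constructed sample: two temp dirs stand in for the two views of one share."""
    with tempfile.TemporaryDirectory() as disk, tempfile.TemporaryDirectory() as smb:
        for root, exe in ((disk, b"original build"), (smb, b"different bytes")):
            (Path(root) / "tools").mkdir()
            (Path(root) / "tools" / "setup.exe").write_bytes(exe)
            (Path(root) / "readme.txt").write_bytes(b"same in both views")
        return compare_manifests(build_manifest(disk), build_manifest(smb))

if __name__ == "__main__":
    for rel, finding in demo():
        print(f"{finding}: {rel}")
```

In real use, `build_manifest` would run once on the file server against the local folder and once on a client against the mounted share. Because the description says the replacement is served to targeted users, a clean comparison from one client does not clear the server.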
