Cisco-owned Talos Security Intelligence have discovered a new malware, named Rombertik. The malware lives on the victim's browser, in a way similar to a parasite, and exfiltrates login details and other sensitive piece of information to an external server. It also writes a byte of data to memory 960 million times so analysis tools get overwhelmed when reporting on it.
The malware can intercept any text written in a browser including sensitive data and if discovered would render the computer unusable by trashing it and behaving like ‘wiper’ malware.
It is capable of duplicating itself and deploying in browsers such as Firefox, Internet Explorer and Chrome and seems a unique malware for it’s unique ability to avoid and resist capture.
How do you detect malware on your end-user devices?
No comments:
Post a Comment