'Fully undetectable' Windows PowerShell backdoor detected


'Fully undetectable' Windows backdoor gets detected

According to Bar, prior to executing the scheduled task, the malware creates two PowerShell scripts. Their content is obfuscated and stored in text boxes within the Word file, and is saved to the fake update directory.

As such, the scripts don't get detected in VirusTotal. calls out to the C2 server to assign a victim ID number and to fetch commands to execute. It runs the script, which will store information or execute PowerShell commands depending on the parameters passed by the initial script.

According to Bar, the attacker messed up by issuing victim identifiers in a predictable sequence. This allowed the security researchers to develop a script that presented each victim's identifier to the backend system, so they could record the interactions with the C2 server in a packet capture. Thereafter they were able to use a second tool to extract the encrypted commands from the captured packets and decipher what the malware was doing.

in files downloaded from the internet, something previously possible through a Trust Center policy.

"Yes, if macros are disabled, this attack vector won't work," a spokesperson said. "But if the threat actor uses a different attack vector, the FUD PowerShell malware would work and spy on the victim."
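Because the dropped scripts evade signature scanning, the behaviour described above (an Office process writing PowerShell scripts that are later run) is what a defender can correlate on. The following is an added example, not code from the article or the researchers; the event layout, host names and paths are constructed placeholders loosely modelled on Sysmon file-creation (ID 11) and process-creation (ID 1) records.

```python
import ntpath

OFFICE = {"winword.exe", "excel.exe", "powerpnt.exe"}
PS_HOSTS = {"powershell.exe", "pwsh.exe"}
PS_EXE = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"

# Constructed sample events in time order; every path here is a placeholder.
SAMPLE_EVENTS = [
    {"id": 11, "host": "pc1",
     "image": r"C:\Program Files\Microsoft Office\WINWORD.EXE",
     "target": r"C:\Users\a\AppData\Local\ExampleUpdate\one.ps1"},
    {"id": 11, "host": "pc1", "image": r"C:\Windows\System32\notepad.exe",
     "target": r"C:\Users\a\Documents\notes.ps1"},
    {"id": 1, "host": "pc1", "image": PS_EXE,
     "parent": r"C:\Windows\System32\svchost.exe",
     "cmdline": r'powershell.exe -File "C:\Users\a\AppData\Local\ExampleUpdate\one.ps1"'},
    {"id": 1, "host": "pc2", "image": PS_EXE,
     "parent": r"C:\Windows\explorer.exe",
     "cmdline": r"powershell.exe -File C:\Scripts\backup.ps1"},
]

def base(path):
    """Lower-cased file name of a Windows path (works on any OS)."""
    return ntpath.basename(path).lower()

def find_office_dropped_script_runs(events):
    """Flag PowerShell launches that reference a .ps1 file an Office app wrote."""
    dropped = {}  # (host, lower-cased script path) -> Office process that wrote it
    alerts = []
    for ev in events:
        if ev["id"] == 11:
            target = ev["target"].lower()
            if base(ev["image"]) in OFFICE and target.endswith(".ps1"):
                dropped[(ev["host"], target)] = base(ev["image"])
        elif ev["id"] == 1 and base(ev["image"]) in PS_HOSTS:
            cmd = ev["cmdline"].lower()
            for (host, script), writer in dropped.items():
                if host == ev["host"] and script in cmd:
                    # The parent process is kept for triage, not used as a filter.
                    alerts.append({"host": host, "script": script,
                                   "written_by": writer,
                                   "parent": base(ev["parent"])})
    return alerts

if __name__ == "__main__":
    for alert in find_office_dropped_script_runs(SAMPLE_EVENTS):
        print(alert)
```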


Source: The Register

 
