Source |
The Hacker News |
Identifiant |
632301 |
Date de publication |
2018-05-07 05:30:01 (vue: 2018-05-09 19:03:04) |
Titre |
First-Ever Ransomware Found Using \'Process Doppelgänging\' Attack to Evade Detection |
Texte |
Security researchers have spotted the first-ever ransomware exploiting Process Doppelgänging, a new fileless code injection technique that could help malware evade detection.
The Process Doppelgänging attack takes advantage of a built-in Windows function, i.e., NTFS Transactions, and an outdated implementation of Windows process loader, and works on all modern versions of Microsoft Windows OS
![](http://feeds.feedburner.com/~r/TheHackersNews/~4/t6Qe87AKvn4) |
Envoyé |
Oui |
Condensat |
advantage all attack built code could detection doppelgänging evade ever exploiting fileless first found function have help implementation injection loader malware microsoft modern new ntfs outdated process ransomware researchers security spotted takes technique transactions using versions windows works |
Tags |
|
Stories |
|
Notes |
|
Move |
|