
Fileless Trojan “Astaroth” That Steals Credentials Is Back, Warns Microsoft

by Cyber360 News
November 11, 2019
in Security

In a recent blog post, the Microsoft Defender ATP research team issued a warning about a harmful file-less malware campaign called Astaroth.

The team was alerted when it noticed a sudden, large spike in the usage of the WMIC (Windows Management Instrumentation Command-Line) tool during May and June 2019. It had deployed an algorithm designed to catch a specific form of file-less attack.


Soon, they uncovered a malware campaign in which spam emails were being sent to users, each including a link to a website hosting a .LNK shortcut file.

Downloading the file on the machine automatically runs WMIC and other tools, which facilitate further operations and download the Astaroth trojan. The trojan is known for stealing credentials from apps and dumping them on remote servers.

The Astaroth trojan was previously detected in 2018, and again earlier this year, when it targeted users in Brazil and Europe. According to ZDNet, Microsoft researchers said that this time, too, around 90% of Astaroth infections occurred in Brazil. The malware also used almost the same tools as in previous instances.

The big concern regarding Astaroth is that it is file-less malware, which means all of its operations happen in system memory instead of on the hard drive. This makes it harder for antivirus and other security tools to detect it and act on it.

Further, Astaroth employs a “living-off-the-land” approach where almost all of the resources and tools it consumes are already available on the target machine in the form of system apps.
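As an added illustration (not code from Microsoft's blog post or from this article), the example below shows one simple way a defender could surface the kind of WMIC usage spike described above: it counts wmic.exe process-creation events per day and flags days far above a rolling median baseline. The record format, thresholds, function names and sample data are assumptions constructed for the example; the algorithm Microsoft deployed is not described here.

```python
from collections import Counter
from datetime import date, timedelta
from statistics import median

WMIC = r"C:\Windows\System32\wbem\WMIC.exe"

def sample_events():
    """Constructed (timestamp, host, image) process-creation records."""
    per_day = [3, 5, 4, 6, 2, 5, 4, 3, 5, 4, 40, 55, 4]  # wmic.exe runs/day
    events = []
    for offset, n in enumerate(per_day):
        day = (date(2019, 5, 1) + timedelta(offset)).isoformat()
        events += [(f"{day}T09:00:00Z", f"HOST{i % 8}", WMIC) for i in range(n)]
        events.append((f"{day}T09:05:00Z", "HOST1", r"C:\Windows\notepad.exe"))
    return events

def daily_wmic_counts(events):
    """Count wmic.exe process creations per calendar day (YYYY-MM-DD)."""
    counts = Counter()
    for ts, _host, image in events:
        name = image.replace("/", "\\").lower().rsplit("\\", 1)[-1]
        if name == "wmic.exe":
            counts[ts[:10]] += 1
    return counts

def find_spikes(counts, window=7, k=6.0, min_count=20):
    """Return days whose count exceeds median + k*MAD of the last `window`
    non-flagged days. Days with no events count as zero."""
    if not counts:
        return []
    first, last = date.fromisoformat(min(counts)), date.fromisoformat(max(counts))
    baseline, spikes = [], []
    for offset in range((last - first).days + 1):
        day = (first + timedelta(offset)).isoformat()
        n = counts[day]
        if len(baseline) >= window:
            recent = baseline[-window:]
            med = median(recent)
            mad = median(abs(c - med) for c in recent) or 1.0
            if n >= min_count and n > med + k * mad:
                spikes.append(day)
                continue  # keep flagged days out of the baseline
        baseline.append(n)
    return spikes

if __name__ == "__main__":
    print(find_spikes(daily_wmic_counts(sample_events())))
```

In practice the input would come from process-creation telemetry such as Sysmon Event ID 1 or Security Event ID 4688, and a flagged day is a prompt to review the WMIC command lines and parent processes for that period.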
