Botnets are not the only way attackers can take control of your personal computer for illicit purposes. Researchers at Microsoft and Cisco's Talos have just uncovered a new strain of malware, named Nodersok or Divergent, that uses web applications to turn systems into proxies for malicious Internet traffic. Attackers get victims to run an HTML Application (HTA) file through an ad or a disguised download, which sets off a complex chain of events. JavaScript within the HTA downloads a separate JavaScript file that can run a PowerShell command to download or execute a series of tools, including tools to disable Windows Defender, request elevated privileges, capture data packets, and create a fake proxy.
Malicious software utilizes web applications as pathways for launching cyber attacks.
Most importantly, the infection mechanism of this malicious software relies on legitimate programs that may be integrated into Windows or downloaded from third parties. No malicious programs are copied to storage. This approach makes it more challenging for security experts to analyze the code and devise countermeasures.
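Because nothing malicious is written to disk, defenders have to look at process behaviour rather than file signatures. The following is an added example, not code from Microsoft, Cisco or the original article: it flags script interpreters that descend from `mshta.exe`, the Windows host for HTA files, in a process-creation log. The event format, the sample events and the list of interpreters are assumptions made for illustration.

```python
import csv

# Constructed sample process-creation events; PIDs, paths and command lines are invented.
SAMPLE_EVENTS = """pid,ppid,image,cmdline
100,1,explorer.exe,explorer.exe
200,100,mshta.exe,mshta.exe C:\\Users\\u\\Downloads\\player.hta
210,200,wscript.exe,wscript.exe stage2.js
220,210,powershell.exe,powershell.exe -NoProfile -Command <elided>
300,100,powershell.exe,powershell.exe -File C:\\admin\\backup.ps1
400,100,mshta.exe,mshta.exe C:\\Tools\\inventory.hta
"""

HTA_HOST = "mshta.exe"  # built-in Windows program that runs .hta files
SCRIPT_HOSTS = {"wscript.exe", "cscript.exe", "powershell.exe", "cmd.exe"}  # assumed list


def load_events(text):
    """Parse CSV text into {pid: event}, normalising image names to lower case."""
    events = {}
    for row in csv.DictReader(text.strip().splitlines()):
        row["pid"], row["ppid"] = int(row["pid"]), int(row["ppid"])
        row["image"] = row["image"].lower()
        events[row["pid"]] = row
    return events


def ancestry(events, pid):
    """Image names from a process up to its oldest logged ancestor (cycle-safe)."""
    chain, seen = [], set()
    while pid in events and pid not in seen:
        seen.add(pid)
        chain.append(events[pid]["image"])
        pid = events[pid]["ppid"]
    return chain


def find_hta_script_chains(events):
    """Flag script interpreters that have mshta.exe anywhere among their ancestors."""
    alerts = []
    for pid, ev in sorted(events.items()):
        chain = ancestry(events, pid)
        if ev["image"] in SCRIPT_HOSTS and HTA_HOST in chain[1:]:
            alerts.append((pid, " <- ".join(chain)))
    return alerts


if __name__ == "__main__":
    for pid, chain in find_hta_script_chains(load_events(SAMPLE_EVENTS)):
        print(f"ALERT pid={pid}: {chain}")
```

On the sample data only the two interpreters launched beneath the downloaded HTA are flagged; the administrator's PowerShell job and the HTA that spawns nothing are not.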
There is still no definite information on who is behind Nodersok. However, it appears to be the work of a typical cybercriminal group rather than an adversarial nation. Cisco believes it is primarily designed for ad fraud or automated ad clicking to boost revenue for websites. The targets are users in Europe and the United States, not businesses or government entities.
Both Microsoft and Cisco are eager to promote the capabilities of their enterprise defense systems against malware. However, most individuals do not have access to those resources, and traditional antivirus software will have a harder time. According to Microsoft, Nodersok has targeted thousands of computers in recent weeks, and it plans to address this issue in the near future.
