Gregarius » BetaNews.Com » Malware hidden deeper in installer packages to evade detection

Canaux

108413 éléments (108413 non lus) dans 10 canaux

Actualités (48730 non lus)

• 01net. Actualités (48730 non lus)

Hoax (65 non lus)

• Top dix quotidien Sophos des canulars (65 non lus)

Logiciels (39066 non lus)

• BetaNews.Com (34382 non lus)
• Presence PC - Actualité Logiciels, jeux vidéos (3551 non lus)
• LeMondeInformatique.fr : Actualités Applications (1133 non lus)

Sécurité (1668 non lus)

• Actualités Sécurité Informatique (406 non lus)
• Les Nouvelles.net : sécurité informatique. (1262 non lus)

Referencement (18884 non lus)

• Secrets2moteurs (11765 non lus)
• Referencement Google WebRankInfo (2255 non lus)
• Abondance (4864 non lus)

BetaNews.Com

• 

  Malware hidden deeper in installer packages to evade detection

  Publié: mars 16, 2017, 3:15pm CET par Ian Barker

  Microsoft's Malware Protection Center has identified a new wave of NSIS (Nullsoft Scriptable Install System) installers that seek to evade detection by burying malware deeper in the code. The changes have been seen in installers that drop ransomware like Cerber, Locky, and others. The installers try to look as normal as possible by incorporating non-malicious components that usually appear in legitimate installers. Components include more non-malicious plugins, in addition to the installation engine system.dll, there's also a .bmp file that serves as a background image for the installer interface, to mimic legitimate ones, and a non-malicious uninstaller component uninst.exe. The… [Continue Reading]