![]() That’s bad news because a legitimate certificate causes plenty of traditional antivirus/endpoint solutions to give the software a pass.” “What makes this new variant particularly nasty,” the blog states, “is that it’s the later, fileless version of Kovter, and it’s now using an apparently legitimate certificate. The examination revealed that the threat was actually a new variation of the Kovter malware, which made a name for itself by hijacking machines and executing remote, sophisticated campaigns. Now for Something Completely Differentīarkly’s analysis of the payload allowed the researchers to finally identify it. The malware disguised itself as an update to the Firefox browser that needed a click to activate but otherwise looked normal. Even though Barkly prevented the breach, it wasn’t able to distinguish what the attacker was trying to deliver. A user clicked on a link or visited the wrong site and the malware took advantage - a relatively standard path.īut as SecurityWeek stated, it was the payload of this Firefox malware that was of interest. It was obvious that a drive-by attempt had been made in an effort to breach the system. Barkly, a computer security firm, had one of its installations sound an alarm due to a new Firefox malware.
0 Comments
Leave a Reply. |