|
Best Porn Sites | Live Sex | Register | FAQ | Members List | Calendar |
Help Section If you have technical problems or questions then post or look for answers here. |
|
Thread Tools | Display Modes |
September 20th, 2023, 09:10 AM | #1 |
Vintage Member
Join Date: Aug 2015
Location: (Italia) Socmel bein in pônta con la ḅca ṭta ônta
Posts: 407
Thanks: 2,310
Thanked 14,178 Times in 388 Posts
|
XWorm and mediafire
News from ilsoftware.it, a well-known site in Italy
Code:
https://www.ilsoftware.it/malware-xworm-nuova-variante-preoccupa-gli-esperti-di-cybersecurity/
__________________
I write in English using DeepL Please excuse any error |
|
September 20th, 2023, 12:41 PM | #2 |
SuperMod, supergroovy
Join Date: Feb 2009
Location: Lost in the Forest
Posts: 6,007
Thanks: 49,885
Thanked 46,079 Times in 5,969 Posts
|
English translation, for anyone without that capacity -
Malware XWorm: new variant worries cybersecurity experts The new variant .XWorm's NET represents a great challenge for cybersecurity experts: that's what has been discovered. XWorm is a malware discovered for the first time in 2022 that, although relatively recent, it is evolving at a worrying rate. The team of analysts of ANY.RUN, in fact, he came across the most recent version of this malicious agent, with the opportunity to examine it and evaluate the news related to the new variant. A quick look at the results of the analysis revealed that the malware had initially been distributed through MediaFire, a well-known file hosting service. The malevolent agent was included in a RAR archive password protected. Thanks to an in-depth research, it was then possible to outline the main behaviors of XWorm. In an environment sandbox, the malicious agent has demonstrated how it works by adding to the list of apps automatically started with the computer being turned on, obtaining high privileges and trying to connect to a remote server. However, after these procedures, XWorm has taken on a very advanced and alarming behavior, which has left cybersecurity experts speechless. XWorm: moves and counter-moves in the challenge between cybercriminals and security experts Malware, in fact, felt it was in a virtual sandbox environment and it closed. This advanced circumvention technique allows cybercriminals to take time, making reading their malware campaign much more difficult. At this point, however, there was a skillful person counter-move of experts. To overcome this problem, in fact, the team has enabled the residential proxy in the sandbox settings. This functionality replaces the ’IP address the virtual machine data center with that of a ISP real, making malware believe it is running on a real user's machine. From this point on, experts have collected important data to counter XWorm. According to what was studied on the sample, this turned out to be a variant .NET malware, with a binary file subject to obfuscation techniques that have severely limited the work of technicians. A victory, therefore, halfway for the cybersecurity team. All this shows how insidious malware of this type is and how important it is for ordinary users to prevent contagion.
__________________
Don't cling to a mistake just because you spent a lot of time making it. |
The Following 11 Users Say Thank You to Jazz67 For This Useful Post: |
September 20th, 2023, 05:53 PM | #3 |
Veteran Member
Join Date: Aug 2008
Posts: 1,984
Thanks: 884
Thanked 98,329 Times in 1,987 Posts
|
Here is another source about this issue: https://thehackernews.com/2023/09/in...m-variant.html
If I'm not mistaken, the worm was spread via a specific RAR archive hosted on Mediafire, protected by a password. This means that not every RAR archive on Mediafire could be compromised.
__________________
If any of my posts or links is expired, please send me a PM. In case I can't reply, feel free to reupload. |
|
|