Bots learning taking screenshot and new tricks

in #technology7 years ago

Old botnet learning new tricks, like taking desktop screenshots
The group behind Necurs, one of the most venerable malware spamming operations, has added functions to its toolkit to gain new insight into its victims, according to a report released Tuesday.
B3E6FA96-3A5E-408E-B1C1-C41E06C8E371.jpeg

Necurs is a botnet, a vast network of hacked computers used in this case to bulk email malware to new victims. The malware includes TrickBot, which is designed to steal banking credentials, and Locky, a form of ransomware.

Researchers at Symantec announced Tuesday that in addition to its recent updates to Locky and TrickBot, the Necurs group added some curious updates to the program used to download Locky and TrickBot onto new systems.

Downloaders usually try to fly under the radar and operate as quickly and covertly as possible. The new updates add a screenshot function and error reporting to the mix.
BFA08AB0-A171-4355-B7EE-50C9CF7D7E61.gif
"When consider the screen grab functionality together with the new error-reporting capability, it suggests that the Necurs attackers are actively trying to gather operational intelligence (OPINTEL) about the performance of their campaigns," Symantec wrote in a blog post.

"After all, can’t count on the victims to report back errors and issues!" Symantec added later.

#science #bots
7 years ago in #technology by
$0.05
  • Past Payouts $0.05, 0.00 TRX
  • - Author $0.05, 0.00 TRX
  • - Curators $0.00, 0.00 TRX
7 votes
Reply 4
Sort:  
  • Trending
    • [-]
     7 years ago 

    @minnowpond1 has voted on behalf of @minnowpond. If you would like to recieve upvotes from minnowponds team on all your posts, simply FOLLOW @minnowpond.

            To receive an upvote send 0.25 SBD to @minnowpond with your posts url as the memo
        To receive an reSteem send 0.75 SBD to @minnowpond with your posts url as the memo
        To receive an upvote and a reSteem send 1.00SBD to @minnowpond with your posts url as the memo
    $0.00
      Reply
      [-]
       7 years ago 
      $0.00
        Reply
        [-]
         7 years ago 

        The @OriginalWorks bot has determined this post by @kskanak to be original material and upvoted it!

        ezgif.com-resize.gif

        To call @OriginalWorks, simply reply to any post with @originalworks or !originalworks in your message!

        To enter this post into the daily RESTEEM contest, upvote this comment! The user with the most upvotes on their @OriginalWorks comment will win!

        For more information, Click Here!
        Special thanks to @reggaemuffin for being a supporter! Vote him as a witness to help make Steemit a better place!

        $0.00
          Reply

          Coin Marketplace

          STEEM 0.28
          TRX 0.11
          JST 0.031
          BTC 69279.36
          ETH 3870.43
          USDT 1.00
          SBD 3.73