Microsoft has lifted the lid on the inner workings of a particularly nasty piece of fileless malware that aims to pilfer user data without needing to install software on the victim's machine.
Dubbed Astaroth – the same name as the Great Duke of Hell – the software nasty has been in circulation since 2017 and has primarily been used to steal data from companies in South America and Europe via targeted attacks launched through spear-phishing.
What makes the infection unique, says Microsoft Defender APT research team member Andrea Lelli, is its ability to fly under the radar of traditional antivirus products by operating without ever needing to install an executable on the victim's machine.
"Astaroth is a notorious info-stealing malware known for stealing sensitive information like credentials, keystrokes, and other data, which it exfiltrates and sends to a remote attacker," Lelli explained today.
"The attacker can then use stolen data to try moving laterally across networks, carry out financial theft, or sell victim information in the cybercriminal underground."
This procedure is highly effective against traditional signature-based detection tools because, throughout the process, nothing...