Home
Internet
Internet News
Microsoft Spots 'Nodersok' Malware That Turns PCs Into Zombie Proxies

Microsoft Spots 'Nodersok' Malware That Turns PCs Into Zombie Proxies

After infecting a PC, Nodersok can turn them into proxies for launching other cyber-attacks.

By Indo-Asian News Service | Updated: 30 September 2019 12:13 IST

Microsoft Spots 'Nodersok' Malware That Turns PCs Into Zombie Proxies

Click Here to Add Gadgets360 As A Trusted Source

Researchers at Microsoft have uncovered a new malware campaign that is infecting thousands computers across the world.

After infecting a PC, the malware, dubbed Nodersok, can turn them into proxies for launching other cyber attacks.

"The majority of targets are consumers, but about 3 per cent of encounters are observed in organisations in sectors like education, professional services, healthcare, finance, and retail," Microsoft Defender Advanced Threat Protection (ATP) Research team said.

"The campaign is particularly interesting not only because it employs advanced fileless techniques, but also because it relies on an elusive network infrastructure that causes the attack to fly under the radar," the researchers wrote.

The attack begins when a user downloads and runs an HTML application (HTA) file named Player1566444384.hta.

The digits in the file name differ in every attack.

Analysis of Microsoft Defender ATP telemetry pointed to compromised advertisements as the most likely infection vector for delivering the HTA files.

Executing those files kickstart a process that opens up Powershell scripts, Excel and JavaScript to end up downloading and installing the Nodersok malware, The Inquirer reported.

Affiliate links may be automatically generated - see our ethics statement for details.

Comments

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.