However, the company doesn't have any information about the identity of the targets, he said. It also queries the C&C servers for commands to execute, the F-Secure researchers said in the blog post.īased on statistics for the YouTube videos whose descriptions are parsed by the malware, the malware's functionality and the contents of the decoy document, F-Secure researchers believe the malware is being used in targeted attacks, Sullivan said. Janicab continuously takes screenshots and records audio and uploads the collected data to command and control (C&C) servers that it finds by parsing the description of specific YouTube videos. If users agree to open the file, the malware will install itself in a hidden folder in the user's home directory and will open a decoy PDF document containing what appears to be a news article in Russian.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |