Malware News New Chainshot Malware Found By Cracking 512-Bit RSA Key

LASER_oneXM

Thread author
Security researchers exploited a threat actor's poor choice for encryption and discovered a new piece of malware along with network infrastructure that links to various targeted attacks.
The new piece of malware, which received the name Chainshot, is used in the early stages of an attack to activate a downloader for the final payload in a malicious chain reaction.
Researchers from Palo Alto Networks Unit 42 found Chainshot after following the trails of an Adobe Flash zero-day exploit (CVE-2018-5002) used in a series of targeted malware campaigns.
Chainshot is multipurpose

Apart from being part of a chain reaction that makes it difficult to analyze components individually, Chainshot contains code to search for and bypass Kaspersky and Bitdefender antivirus solutions for both x86 and x64 platforms.
Its task is to push another malware on the compromised machine, which drops the final payload. Chainshot is also responsible for fingerprinting the system, sending details about the user and the processes running on the machine.
 
