silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,173
Criminals appear to have developed it knowing some users have not patched or updated to newer versions, Trend Micro says.
Organizations that do not patch critical vulnerabilities in the software they use can remain exposed to attacks indefinitely.
A case in point is a new malware variant that researchers at Trend Micro discovered targeting vulnerabilities that were discovered more than six years ago in Adobe Acrobat, Adobe Reader, and Microsoft Office software. Both companies had issued patches.
The malware is a variant of the Asruex Backdoor associated with DarkHotel, a group known for targeting business hotel visitors via hotel Wi-Fi networks. Asruex has been around since at least 2015 and allows attackers to take complete remote control of infected systems. It infects systems via a shortcut file, which, when opened, executes a PowerShell command that ultimately results in Asruex being downloaded on the system. The malware is designed to spread through network drives and removable drives, Trend Micro explained in an advisory this week.
Asruex Backdoor Infects Files Via Old Vulnerabilities
Asruex has been known for its backdoor capabilities. However, when we encountered Asruex in a PDF file, we found that a variant of the malware can also act as an infector particularly through the use of old vulnerabilities.
blog.trendmicro.com