- Jul 22, 2014
- 2,525
Ransomware operators have changed tactics again, making the job of security vendors harder once more, as they switched to a new method of packing their malware inside NSIS installers.
NSIS, which stands for Nullsoft Scriptable Install System, is an open source scriptable installer/uninstaller system created for Windows PCs by Nullsoft, Inc..
For 16 years, software developers have been using NSIS to create installers for their applications, from Dropbox and McAfee, and from BitTorrent clients to Ubisoft games.
Because of the technology's popularity among developers and instant recognition among users, malware authors haven't shied away from packing their malicious code inside NSIS installers. Furthermore, the technology's open nature helped malware authors create various methods of delivering and hiding their code.
Rising trend of NSIS installers hiding ransomware
More details in the link above
NSIS, which stands for Nullsoft Scriptable Install System, is an open source scriptable installer/uninstaller system created for Windows PCs by Nullsoft, Inc..
For 16 years, software developers have been using NSIS to create installers for their applications, from Dropbox and McAfee, and from BitTorrent clients to Ubisoft games.
Because of the technology's popularity among developers and instant recognition among users, malware authors haven't shied away from packing their malicious code inside NSIS installers. Furthermore, the technology's open nature helped malware authors create various methods of delivering and hiding their code.
Rising trend of NSIS installers hiding ransomware
More details in the link above
