New Malware Uses Windows BITS Service to Stealthy Exfiltrate Data

stealthfalcon malware windows bits

Cybersecurity researchers have found a brand new laptop virus related to the Stealth Falcon state-sponsored cyber espionage group that abuses a built-in element of the Microsoft Windows working system to stealthily exfiltrate stolen information to attacker-controlled server.

Active since 2012, Stealth Falcon is a classy hacking group recognized for focusing on journalists, activists, and dissidents with spyware and adware within the Middle East, primarily within the United Arab Emirates (UAE).

Dubbed Win32/StealthFalcon, named after the hacking group, the malware communicates and sends collected information to its distant command-and-control (C&C) servers utilizing Windows Background Intelligent Transfer Service (BITS).

BITS is a communication protocol in Windows that takes unused community bandwidth to facilitate asynchronous, prioritized, and throttled switch of recordsdata between machines within the foreground or background, with out impacting the community expertise.

BITS is usually utilized by software program updaters, together with downloading recordsdata from the Microsoft servers or friends to set up updates on Windows 10, messengers, and different functions designed to function within the background.

According to safety researchers…

Source link

Leave a Comment

Your email address will not be published. Required fields are marked *

Social media & sharing icons powered by UltimatelySocial

Enjoy this blog? Please spread the word :)