New Windows Malware Installs Proxies to Hide Malicious Network Traffic: Proofpoint

New malware targeting Windows machines has been discovered. Dubbed SystemBC, the malware installs SOCKS5 proxies on infected machines and uses them to push a second piece of malware. According to researchers, the authors are advertising the new malware on underground cybercrime forums. It is also being distributed as part of the Fallout and RIG exploit kits. Exploit kits (EKs) are Web-based systems that use browser-based vulnerabilities to install malware or send users to malicious webpages that trick them into installing malware.

“SystemBC is a previously undocumented malware that we have recently observed as a payload in both RIG and Fallout exploit kit (EK) campaigns,” researchers at Proofpoint wrote in a blog post. While EK activity has remained quite low relative to its peak in early 2016, exploit kits remain important vectors for malware distribution, particularly in regions where Windows piracy is common.

According to a report by ZDNet, SystemBC is essentially an on-demand proxy component for malware operators, which they can deploy on compromised systems to hide malicious traffic.

“SystemBC’s main role is to create a SOCKS5 proxy server through which the other malware can create a tunnel to bypass local firewalls, skirt internet content filters, or connect to its command-and-control server without revealing its real IP address,” writes ZDNet.

The malware was first spotted online in May; however, its creators have been advertising it since April.

Proofpoint researchers believe that the presence of the malicious proxy created by SystemBC will make detection at the network edge harder. They recommend that organisations patch their systems with the latest updates and avoid using older systems that use browser plugins susceptible to malware attacks and exploit kits.
