Submitted via IRC for BoyceMagooglyMonkey
Security firm FireEye has detected that malware authors have deployed the PROPagate code injection technique for the first time inside a live malware distribution campaign.
PROPagate is a relatively new code injection technique discovered last November. Back then, a security researcher found that an attacker could abuse the SetWindowSubclass API, a function of the Windows operating system that manages GUIs, to load and execute malicious code inside the processes of legitimate apps.
Source: PROPagate Code Injection Technique Detected in the Wild for the First Time
FireEye: RIG Exploit Kit Delivering Monero Miner Via PROPagate Injection Technique
(Score: 0) by Anonymous Coward on Monday July 02 2018, @04:51PM (1 child)
Another Windows virus. So many bugs in Windows that this isn't news anymore. I'm beginning to think that MS actually *wants* bugs in their Windows OS. How much is MS worth? Surely it couldn't cost more than 1 or 2 billion dollars to secure Windows. How much is MS worth again?
Hey MS, are you going to fix Windows?
(Score: 2) by AssCork on Tuesday July 10 2018, @01:54PM
Maybe not to you, but it is to me.
Getting a heads-up on something like this is important - it might not be your job to defend a bunch of hapless systems running Windows, but some of us have such a position.
Admittedly I would have found out about this eventually, but my first stop in the morning is SN :)
P.S: Yes I know this reply is woefully late - I thought I hit "submit" last week.
Just popped-out of a tight spot. Came out mostly clean, too.