Dissected: A dropper-as-a-service miscreants pay to push their malware onto potentially 1,000s of victims


A dropper-as-a-service, which cyber-crime newbies can use to easily get their malware onto thousands of victims’ PCs, has been dissected and documented this week.

A dropper is a program that, when run, executes a payload of malicious code. The dropper is similar to a trojan, and it can sometimes have other functionality, but its main purpose is to get malware – which could be fetched from the internet, or unpacked from data within the dropper – running on a victim’s computer.

With a dropper-as-a-service (DaaS), a customer pays to have their malware distributed to these computers via droppers. The DaaS typically uses a network of websites to deliver droppers onto victims’ PCs that when run install and execute the customer’s malware

Read more…
Source: The Register