The SonicWall Capture Labs threat research team has identified a new development in the Horus Protector distributed infection chain. Recently, it has been targeting the French region with MoDiRAT, a malware notorious for stealing credit card and other victim information.
During the infection process, it deploys the DarkCloud stealer; however, before exiting, the loader verifies if the victim is located in France. If confirmed, it further infects the machine with the MoDiRAT malware. Previously, SonicWall researchers discussed the infection chain followed by Horus Protector, a crypter-loader service used to spread different malware.
Read more…
Source: SonicWall
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- NSA Advocates Data Sharing Framework
June 23, 2017
The economics of cybersecurity are skewed in favor of attackers, who invest once and can launch thousands of attacks with a piece of malware or exploit kit. That’s why Neal Ziring, technical director for the NSA’s Capabilities Directorate, wants to flip the financial equation on bad guys. “We need to conduct defenses in a way that ...

