Thousands of PCs Affected by Nodersok/Divergent Malware


New malware identified by Microsoft and Cisco Talos has affected thousands of PCs in the United States and Europe, turning those systems into proxies for malicious activity, the companies said.

The fileless threat—called Nodersok by Microsoft and Divergent by Cisco Talos—has many of its own components but also takes advantage of existing tools to do its dirty work. The malware leverages the popular Node.js framework used by many Web applications and WinDivert, a network packet-capture and manipulation utility, to turn the systems into unwitting proxies.

While both companies released reports on the malware Wednesday in separate blog posts, each had a different opinion as to exactly what it does.

Source: ThreatPost