Windows 10 ‘Finger’ command can be abused to download or steal files


The list of native executables in Windows that can download or run malicious code keeps growing as another one has been reported recently.

These are known as living-off-the-land binaries (LoLBins) and can help attackers bypass security controls to fetch malware without triggering a security alert on the system.

The latest addition is finger.exe, a command that ships with Windows to retrieve information about users on remote computers running the Finger service or daemon. Communication is carried via the Name/Finger network communication protocol.

Read more…
Source: Bleeping Computer