
Nodersok Malware – what is it and how is it turning PCs into zombies?

Microsoft has discovered a new malware campaign responsible for infecting thousands of Windows PCs around the world.

The Microsoft Defender ATP Research Team discovered the malware, named Nodersok, and explained in a blog article that it is being spread through malicious advertisements that cause a Windows system to access HTA files, the format used for HTML applications. Once a user finds and runs the HTA file on their machine, this starts a process that launches PowerShell scripts, Excel and JavaScript to download and install the Nodersok malware.

The malware is fileless, according to Microsoft, and uses living-off-the-land binaries (LOLBins) to piggyback on existing Windows system tools and features. Nodersok then pulls in legitimate tools such as Windivert.dll/sys and Node.exe from the Node.js framework to do its job. However, malicious files and executables are never written to the disk of an affected machine.

After the system has been fully infected, Nodersok can turn it into a zombie-like proxy machine used to launch other cyber attacks and even create a relay server that can give hackers access to command and control servers as well as other compromised devices. This helps hackers hide their activity from security researchers looking for suspicious behavior.

Microsoft researchers described in their blog post how they found the Nodersok malware campaign, stating:

The campaign is especially interesting not only because it uses sophisticated fileless methods, but also because it depends on an elusive network infrastructure that causes the attack to fly under the radar. This campaign was discovered in mid-July when suspect patterns in the anomalous use of MSHTA.exe appeared from Microsoft Defender ATP telemetry.

However, for those worried about their systems being infected by Nodersok, Microsoft has updated its free antivirus software, Microsoft Defender, to identify the malware.
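The chain described above (an HTA run by MSHTA.exe, followed by PowerShell and then Node.exe) can be hunted for in process-creation logs. The following is an added example, not code from Microsoft or from the original article; the event fields, paths and sample events are constructed for illustration.

```python
from collections import namedtuple

# Hypothetical process-creation record; real telemetry uses its own field names.
Event = namedtuple("Event", "pid ppid image cmdline")

ROOT = "mshta.exe"                               # host process for HTA files
SUSPECT_DESCENDANTS = {"powershell.exe", "node.exe"}  # later stages named in the article

def basename(path):
    """Lower-cased file name of a Windows path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def ancestry(event, by_pid):
    """Image names from the event up to its oldest known ancestor."""
    chain, seen = [], set()
    while event is not None and event.pid not in seen:  # 'seen' guards against loops
        seen.add(event.pid)
        chain.append(basename(event.image))
        event = by_pid.get(event.ppid)
    return chain

def find_mshta_chains(events):
    """Flag PowerShell or Node.exe processes that descend from mshta.exe."""
    # Assumption: PIDs are unique in this window. Real data needs a process
    # GUID or start time as well, because Windows reuses PIDs.
    by_pid = {e.pid: e for e in events}
    hits = []
    for e in events:
        chain = ancestry(e, by_pid)
        if chain[0] in SUSPECT_DESCENDANTS and ROOT in chain[1:]:
            hits.append((e.pid, " <- ".join(chain), e.cmdline))
    return hits

# Constructed sample events: one suspicious chain and two benign processes.
EVENTS = [
    Event(100, 1, r"C:\Windows\explorer.exe", "explorer.exe"),
    Event(200, 100, r"C:\Windows\System32\mshta.exe", "mshta.exe sample.hta"),
    Event(300, 200, r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
          "powershell.exe -Command <redacted>"),
    Event(400, 300, r"C:\Users\u\AppData\Local\Temp\node.exe", "node.exe app.js"),
    Event(500, 100, r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
          "powershell.exe Get-Date"),
    Event(600, 100, r"C:\Program Files\nodejs\node.exe", "node.exe server.js"),
]

if __name__ == "__main__":
    for pid, chain, cmdline in find_mshta_chains(EVENTS):
        print(pid, chain, "|", cmdline)
```

PowerShell and Node.exe started directly by the user (PIDs 500 and 600) are not flagged; only processes with mshta.exe somewhere in their ancestry are reported.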

Written by Maria
